Deception is a two-part process involving a “distraction” and a “decoy”. For many Canadians, COVID-19 represents a multi-dimensional distraction that’s simultaneously impacting numerous aspects of life, and these distracting effects are especially pronounced when they stroke matters that mean most to their victims. There has been enough public education to date to assume that most of the general populace have learnt to harness some form of guardedness around disclosing personal and financial information. However, distractive triggers such as financial pressure, health & well-being angst, and pent-up frustration from being confined, can cause many to inadvertently lower their guards. And yes, the hackers are well-aware of this and have come up with their latest human-based attack vector- mimicking the Canadian federal government, targeting its citizens.
Imagine that your income has been negatively affected by COVID-19 and you apply for the Canadian Emergency Response Benefit (CERB). You have not heard back on your application and so you call the 1-800 number from the website, only to find that you either can’t get through, or you’ll be on hold for an extended period of time due to higher call volumes and reduced staff. You choose to hold, and 30 minutes in, your 10-year-old daughter calls for homework help. You tell her you’re busy, but she insists. You sense her urgency and frustration and so you hang up and decide to try again tomorrow, knowing full well that the chances of an improved outcome is zero. Later that evening, you receive an SMS message stating that you can check the status of your CERB claim by visiting a linked site. The language looks legitimate and so you clicked on the link. You then land on a site that looks identical to the one where you submitted your application. The instructions, written in perfect government-esq language, with the Canadian federal government logo situated next to it acting as a subliminal endorsement, asks you to enter your name and financial information before they can retrieve your file. You say to yourself, “This seems legitimate, and it is reasonable for them to ask for my credentials before retrieving my file… right?”
This example is not fictitious. It was one of many decoys hackers paired with the COVID-19 distraction. In fact, this particular example was listed as a “notable COVID-19 lure” in Canadian Centre for Cyber Security’s (CCCS’s) report titled: Cyber Threat Bulletin: Impact of COVID-19 on Cyber Threat Activity.
The concerning part is…