Security agencies in the UK and US warned cybercriminals were trying to exploit fears around the Covid-19 (coronavirus) pandemic to install ransomware and steal information, targeting users through e-mail, SMS and infected apps.

A joint report from the UK National Cyber Security Centre (NCSC) and the Cybersecurity and Infrastructure Security Agency (CISA) unit of the US Department of Homeland Security, stated although the overall number of attempted hacks was not increasing, a growing number of those recorded used Covid-19 related themes.

Threats cited include the download of ransomware within apps claiming to be outbreak trackers, and phishing e-mails with spoof sender IDs such as the World Health Organisation or names preceded by the word doctor.

The agencies added although most phishing attempts were through email, there were also a number of cases using SMS, generally with a “financial theme” to lure victims into handing over personal details.

Messages sent included some related to financial support packages being offered by authorities, often claiming to be from official sources.

“An increasing number of malicious cyber actors are exploiting the current Covid-19 pandemic for their own objectives,” the security bodies noted. “In the UK, the NCSC has detected more UK government-branded scams relating to Covid-19 than any other subject.”

“At the same time, the surge in home working has increased the use of potentially vulnerable services, such as Virtual Private Networks, amplifying the threat to individuals and organisations.”