Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
The global response to COVID-19 revealed a host of new opportunities for threat actors, with FBI cybercrime reports quadrupling during the pandemic.
The mad dash by IT teams to stand up new systems outside the firewall to enable a remote workforce has expanded attack surfaces quicker and more radically than ever before. VPN usage surged 112%, and over just six weeks, and RiskIQ noted a 26.11% increase in Microsoft Remote Access Gateway instances (peaking around March 20th when stay-at-home orders took full effect). Many of these access points were stood up outside of the security teams’ purview, and two recent remote-code-execution vulnerabilities now make them at risk of being used in attacks.
Meanwhile, as concern over the outbreak was sweeping the globe, attackers got to work to take advantage of it. Phishing attacks immediately grew 350%, and hospitals and other healthcare facilities suffered an onslaught of ransomware attacks, 70% of which targeted smaller providers.
However, no crime technique has flourished during the pandemic quite like scams. RiskIQ noted 317k new websites related to ‘COVID-19’ or ‘coronavirus’ in the two weeks between March 9th and 23rd, and Google currently blocks 18 million COVID-19 scam emails daily. Many of these messages promise treatment or a cure for the virus, while others offer promotions, discounts, and free products. In RiskIQ’s analysis of scam and spam messages, we encounter such subject lines as “Fight COVID-19 with $100 at Drive Thru!” and “The 3 plants you need to throw in your shopping cart to fight coronavirus.” On a typical day, 30k of the emails we analyze send an executable file for Windows machines, which is a reliable indicator of malware.
To take the fight to the scammers, RiskIQ has launched the COVID-19 Internet Intelligence Gateway. The microsite is a one-stop cybersecurity resource center that includes a new crawl submission and lookup service that taps into RiskIQ’s massive global crawling infrastructure to analyze and compile malicious URLs related to COVID-19.
Via the COVID-19 Internet Intelligence Gateway microsite, security practitioners can submit suspicious COVID-19 URLs to be crawled and analyzed by RiskIQ’s systems as well as receive curated URL blacklists. Through community participation, the site will become an authoritative source of intelligence practitioners can use to block and investigate COVID-19 scams as they proliferate on an unprecedented scale.
COVID-19 Internet Intelligence Gateway offerings
The COVID-19 Internet Intelligence Gateway has the potential to be a powerful tool that security practitioners can use to keep their organizations safe during the crisis. It adds to a catalog of complimentary resources RiskIQ has released to empower the cybersecurity community, as it battles an unprecedented spike in cyber threats related to COVID-19.
By signing up for RiskIQ’s COVID Scams service, users will also have access to RiskIQ’s other complimentary offerings, including:
Sign up today.
RiskIQ is the leader in attack surface management. We help organizations discover, understand, and mitigate exposures across all digital channels.
RiskIQ's #COVID19 Weekly Update:
➡️Car rental company Hertz filed for bankruptcy protection
➡️For the first time, the Boston Marathon has been canceled
➡️Most of the malicious coronavirus emails are coming from US IP space
Read full update here: http://bit.ly/2Uv3CMV
Microsoft Remote Desktop is spiking. Why? Because all work is now remote work and all access is now remote access. RiskIQ scans hundreds of ports and maps exposed services to provide security teams with a picture worth a thousand log lines. https://bit.ly/2xJ1Dgx
RiskIQ's #COVID19 Internet Intelligence Gateway will enable the cybersecurity community to fight a surge in pandemic-related cybercrime. Sign up, submit any suspicious COVID-19-related URL, and have RiskIQ's powerful global crawling network at your command http://bit.ly/3eon6ek
Via @InfosecurityMag, @DanRaywood highlights RiskIQ's new #COVID19 Internet Intelligence Gateway. This one-stop cybersecurity resource is the latest weapon in the fight against the surge in pandemic-related cybercrime. Read more here https://bit.ly/36ALU02