Be wary of emails linking to government sites – Microsoft

MANILA, Philippines — Software giant Microsoft Corp. has warned business owners and workers against continued cyberattacks using emails that steal personal data by luring victims into corrupted sites posing as government platforms.

Mary Jo Schrade of Microsoft’s digital crimes unit (DCU) said hackers continue to take advantage of the pandemic to deceive people into downloading malware that will eventually gain access to their sensitive data.

“Criminals have become much more sophisticated in the lures that they put into an email to try to get someone to click on a link and download a malware that will give the attackers a way into an environment,” Schrade told reporters.

By doing this, attackers are given easy access to personal information, including address, and sensitive details, such as credit card number, from their victims. They can also coerce their targets into paying them in exchange for the personal data that they stole.

Schrade said hackers go as far as pretending to be government agencies working on the cash subsidies to be distributed to displaced workers. As livelihoods are lost in the pandemic, people may click on the link to see what financial assistance they can obtain.

Schrade, who serves as the assistant general counsel and regional lead for the DCU, said such attacks most often take place in Asia, where countries go through cycles of lockdowns that force firms to shut down and workers to lose income.

“It might be relief for people. People who lost their jobs, they may be concerned about when the government payment might kick in or what is available to them during a tough time. We see that criminals take advantage of that,” the Microsoft executive said.

Some attacks also mask as COVID-19 information from public health authorities like the World Health Organization intended for individuals who worry for their well-being.

Microsoft’s corporate vice president for security, compliance and identity Vasu Jakkal last week said business owners and workers should trust no one when dealing in online sites. In the wake of new breaches, she also asked Microsoft users to update their system often to install the latest security features.

Based on data from Microsoft, hackers launch an average of 50 million password attacks every day or about 579 attempts a second. The software giant, for its part, intercepted an all-time high of 30 billion email threats last year.

Jakkal said data security should be included as a priority nowadays, as the pandemic compelled business transactions to move online.

In the Philippines, seven in every 10 business executives plan to redesign their office spaces to adopt hybrid work in the new normal, according to a Microsoft survey.