Between February and March of this year there was an increase in the number of incidents recorded by CERT.PT, going from 75 to 138. The data are from the most recent bulletin from the Observatory of the National Cybersecurity Center (CNCS). After highlighting the lack of IT security measures by Portuguese companies, the May issue highlights the panorama of security incidents identified in the context of the pandemic.
According to the bulletin, phishing attacks are again highlighted and, between February and March, CERT.PT recorded 57 incidents. CNCS reports that cybercriminals have taken advantage of social isolation and the increased level of use of the Internet to simulate homebanking services and streaming digital content, as well as online stores.
Based on a report released by the Public Ministry in April, CNCS highlights that the complaints received by the Cybercrime Office have increased. Of the 20 complaints registered in February, the number rose to 46 in March. Until April 16, there was an exponential growth, reaching 76 complaints.
Cyber ??attacks that use social engineering techniques to take advantage of users' fears are increasingly common since the COVID-19 pandemic began to affect Portugal.
According to the CNCS, phishing schemes that use the names of organizations or authorities linked to health, such as the WHO, are the most common cyber attacks. Digital frauds that collect donations through crowdfunding for the false purchase of medical materials and applications that promise to track COVID-19, but which infect equipment with malware, are also frequent.
The supposed sales of medical equipment through fake websites or fraudulent offers are in the sights of CNCS, as well as the sale of COVID-19 Kits on the Dark Web. In addition to Ransomware attacks, such as the recent case of EDP, campaigns were also recorded disinformation that blame minority groups and states for the pandemic.