COVID-19 phishing attacks are taking twist by impersonating messages from the White House.
Research published by INKY, a provider of tools for identifying phishing attacks using machine learning algorithms and advanced analytics, finds cybercriminals are sending emails that direct individuals to fake websites to learn more about plans to combat the COVID-19 pandemic.
Some of the emails being sent even appear to come from the White House or directly from President Trump and Vice President Mike Pence, who has been appointed to lead the COVID-19 taskforce.
INKY CEO Dave Baggett said these phishing attacks appear to be coming from Russia, but given the ability of cybercriminals to cover their digital tracks, there can be no absolute certainty as to the actual source.
Baggett said these COVID-19 phishing attacks represent a new low for cybercriminals in that they prey on the anxieties of individuals working at home to compromise credentials and spread malware. Many of those individuals are also now working on systems they own and that are not often as well-protected as those in the office managed by an internal IT team, he said.
Most of the phishing attacks are based on templates that have been cunningly crafted, Baggett added, noting they are made up mostly of fixed text that the individuals launching the attack then personalize to make the email more appealing to their intended targets.
Some of the most common templates being employed are identifiable as they predict the quarantine will last specifically until August or they provide the wrong day for filing taxes now that the U.S. government has granted citizens an extension past April 15.
Baggett said it’s apparent cybercriminals with HTML and CSS skills are replicating official communications to make their emails look as official as possible. Because so many of these emails are now being read by individuals at home, it becomes likely more will let their guard down when receiving these emails, he noted.
It’s more critical than ever to remind end users to employ other communication channels to verify the authenticity of emails directing them to perform some task, said Baggett. In the office, if a suspicious email arrived from one of their colleagues an employee would pick up the phone or walk down the hall to verify its content. With everyone working from home, employees now need to send messages via another channel to make sure the email they receive is legitimate.
In fact, Baggett said these attacks only further highlight the limitations of phishing simulation tools to train end users to recognize the types of phishing attacks. While training is not necessarily a bad idea in of itself, he said the sophistication of phishing attacks is increasing to the point where the average end user is not going to recognize these attacks. What’s now required is an approach that leverages machine learning algorithms to first scan emails for content discrepancies and then ensure that all the URLs in any email or attached document point to legitimate websites.
It’s too early to say whether one of the many outcomes of the COVID-19 pandemic will be increased reliance on machine learning algorithms and other forms of artificial intelligence (AI) to combat cyberattacks. However, given the scope of the challenge now faced, it would appear employing AI to augment cybersecurity teams is now much more a question of when and how than if.