Go Phish: Cybercriminals Stick to Coronavirus and Financial Content to Fuel Phishing Schemes

We’ve reached the half-year mark and online scammers are still taking advantage of the uncertainties brought on by the pandemic.

Cyber-attacks targeting both consumers and businesses surged worldwide, and the trend shows no sign of stopping any time soon. In recent months, coronavirus-related attacks spiked, and email has remained the prime vector of choice for enabling them. What are the latest phishing trends that fraudsters use in an attempt to steal personal and financial details from Internet users?

In the past two months, Bitdefender’s telemetry has shown a steady surge of coronavirus-related emails, with 42.9% of the correspondence flagged as suspicious, fraudulent or malicious.

Fraudsters continue to exploit the coronavirus to spread malicious links and attachments, with many phishing emails impersonating agencies and bodies such as the World Health Organization (WHO).

Some of the latest ruses include updates on the evolution of the virus and malicious attachments that infect the recipient’s device when accessed. Scammers also act under the guise of the government, leveraging the temporary ban on importing or exporting goods, or of financial institutions offering a COVID-19 Financial Relief Fund.

Coronavirus ‘cures’ were also marketed by fraudsters who offer new miracle drugs that can cure the illness “within five days.”

Of course, their list would not be complete without a reminder to purchase some protective gear. Our Bitdefender labs also flagged emails advertising COVID-19 reusable facemasks.

Additionally, some peculiar spikes in phishing emails relating to different financial institutions were noticed. A campaign targeting Standard Bank customers started on May 14, and continued up until mid-June, with various upticks during the end and the beginning of the week.

More than 97% of incoming emails were suspicious, fraudulent or malicious, and it appears that cyber-criminals have a tendency to lie low on Saturday, most likely because users also take a break from reading emails.

On June 8, more than 95% of the influx of emails relating to HSBC bank was fraudulent in nature.

A third phishing campaign mimicking the World Bank was observed the next day. Nearly 81% of the correspondence that impersonated this grant institution turned out to be malicious.

Fraudsters also took advantage of the popularity of money transfer companies such as Moneygram. A steady flow of phishing emails was observed between June 23 and July 1. 91% of emails using the company’s name were malicious and, surprisingly enough, the crooks were offering to compensate victims who had previously paid off scammers.

Most phishing emails seem innocent at first, and appear to originate from a trusted source such as government organizations, ministries of health, centers for public health or a bank. However, they contain malicious attachments or embedded links that, once accessed, deploy various malware on the recipient’s device. This malicious software can let cyber crooks take control of your computer, log your keystrokes, access your personal information and financial data, and even encrypt your data with ransomware.

Cyber criminals know you are busy and have a lot on your mind. They transmit a sense of urgency and prey on human emotion, hoping you will miss red flags. This makes phishing one of the most reliable means for identity thieves to steal your personal and financial data.

While some fraudsters have updated their tactics and spend a longer time planning their endgame, not all of them do. The most frequent tip-offs include:

  • the message contains poor grammar and obvious spelling mistakes
  • the message asks for your personal information
  • the message is unsolicited and appears to be from a government, health or financial agency
  • the message makes a too-good-to-be-true offer

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Alina Bizga.