3 min read

Go Phish: Cybercriminals Stick to Coronavirus and Financial Content to Fuel Phishing Schemes

Alina BÎZGĂ

July 13, 2020

Go Phish: Cybercriminals Stick to Coronavirus and Financial Content to Fuel Phishing Schemes

We”ve reached the half-year mark and online scammers are still taking advantage of the uncertainties brought on by the pandemic.

Cyber-attacks targeting both consumers and business surged worldwide, and the trend shows no sign of stopping any time soon. In recent months, coronavirus-related attacks spiked, and email has remained the prime vector of choice for enabling them. What are the latest phishing trends that fraudsters use in an attempt to steal personal and financial details from Internet users?

In the past two months, Bitdefender”s telemetry has shown a steady surge of coronavirus-related emails, with 42.9% of the correspondence flagged as suspicious, fraudulent or malicious.

Fraudsters continue to exploit the coronavirus to spread malicious links and attachments, with many phishing emails impersonating agencies and bodies such as the World Health Organization (WHO).

Some of the latest ruses include updates on the evolution of the virus and malicious attachments that infect the recipients” device when accessed. Scammers also act under the guise of the government, leveraging the temporary ban on importing or exporting goods, or financial institutions offering COVID-19 Financial Relief Fund.

Coronavirus “cures” were also marketed by fraudsters who offer new miracle drugs that can cure the illness “within five days.”

Of course, their list would not be complete without a reminder to purchase some protective gear. Our Bitdefender labs also flagged emails advertising Covid-19 reusable facemasks.

Additionally, some peculiar spikes in phishing emails relating to different financial institutions were noticed. A campaign targeting Standard Bank customers started on May 14, and continued up until mid-June, with various upticks during the end and the beginning of the week.

More than 97% of incoming emails were suspicious, fraudulent or malicious, and it appears that cyber-criminals have a tendency to lay low on Saturday, most likely because users also take a break from reading emails.

On June 8, more than 95% of the influx of emails relating to HSBC bank was fraudulent in nature.

A third phishing campaign mimicking the World Bank was observed the next day. Nearly 81% of the correspondence that impersonated this grant institution turned out to be malicious.

Fraudsters also took advantage of the popularity of money transfer companies such as Moneygram. A steady flow of phishing emails was observed between June 23 and July 1. 91% of emails using company”s name were malicious and, surprisingly enough, the crooks were offering to compensate victims who had previously paid off scammers.

Most phishing emails seem innocent at first, and appear to originate from a trusted source such as government organizations, ministries of health, centers for public health or a bank. However, they contain malicious attachments or embedded links, that once accessed, deploy various malware on the recipient”s device. This malicious software can let cyber crooks take control of your computer, log your keystrokes, access your personal information and financial data, and even encrypt your data with ransomware.

Cyber criminals know you are busy and have a lot on your mind. They transmit a sense of urgency and prey on human emotion, hoping you will miss red flags. This makes phishing one of the most reliable means for identity thieves to steal your personal and financial data.

While some fraudsters have updated their tactics and spend a longer time planning their endgame, not all of them do. The most frequent tip-offs include:

  • poor grammar and obvious spelling mistakes
  • the messages ask for your personal information
  • the message is unsolicited and appears to be from a government, health or financial agency
  • too-good-to-be-true offer

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read