COVID-19 Themed Attacks Ramp up, Become the Biggest Phishing Threat | Cyware Alerts

As the pandemic continues to impact the world, hackers are making headway on new phishing schemes that leverage users’ fears, doubt, and uncertainty around COVID-19. New research from KnowBe4 has revealed that coronavirus-related phishing emails remained the most promising attack type during the third-quarter of 2020 and will continue to foray into the last quarter. 

Email subject lines used in the wild

According to KnowBe4, the following email subject lines based around COVID-19 were popular among threat actors:
  • Payroll Deduction Form 
  • Please review the leave law requirements 
  • Password Check Required Immediately 
  • Required to read or complete: “COVID-19 Safety Policy” 
  • COVID-19 Remote Work Policy Update 
  • Vacation Policy Update 
  • Scheduled Server Maintenance — No Internet Access 
  • Your team shared the “COVID 19 Amendment and Emergency leave pay policy” with you via OneDrive 
  • Official Quarantine Notice 
  • COVID-19: Return To Work Guidelines and Requirements 

A sneak peek into recent phishing trends 

  • Armorblox spotted a new credential phishing campaign that exploited the IRS, coronavirus, and SharePoint to trick users. The email promised an important update on the recipient’s COVID-19 relief funds to be disbursed to the person’s address. Instead, it was used to spread the personal information of users.
  • Towards the end of September, scammers leveraged the recent COVID-19 financial grant announced by Facebook as bait to steal users’ identity. In this attempt, a fake CNBC news was used to post the announcement.
  • In mid-September, U.K business owners were targeted in a new phishing scam that impersonated Her Majesty’s Revenue and Customs (HMRC) and informed victims about the new updates on COVID-19 tax relief.

What else?

Besides phishing, the pandemic became a popular channel to spread malware. In an incident, cybercrooks had used the ‘U.S. President testing positive for COVID-19’ theme to distribute BazarLoader malware.

Key takeaway

Since the beginning of 2020, the pandemic has opened a variety of opportunities for new and unique espionage attacks. The year, moreover, witnessed a spike in attacks from state-sponsored actors in a bid to steal vaccine development research. At a time when ransomware kits are sold on the dark web, hackers leveraging COVID-19 for malicious activities have become even more concerning.  

Source link

Recent articles

Welcome to News – Happy 80th birthday to ‘The King’

Today is Pele’s 80th birthday ‘The King’ left an incomparable legacy in...

A Colorado Wildfire Just Climbed Over the Rockies. In October.

Smoke rises from a wildfire in Colorado on Thursday.Photo: David Zalubowski (AP)Every time you think you’ve seen it...

Lifetime Deal: “Master Addons” for Elementor / WordPress

Quickly and easily create your own stunning website with this Master Addons and Elementor for WordPress combo deal. Boost your design creativity today...

Arctic Wolf Valued at $1.3 Billion After $200 Million Funding Round

Security operations company Arctic Wolf on Thursday announced the closing of a $200 million Series E funding round that values it at $1.3...

Top Investigator in Google Case Says There ‘Was Not a Rush’ to Sue

Jeffrey A. Rosen, the deputy attorney general, wouldn’t normally oversee an antitrust investigation into Google. It would usually fall to the head of...

Xi says China not afraid of war in speech to mark Korean War | China

Chinese president strikes assertive, nationalist tone in address apparently aimed at United States.President Xi Jinping warned on Friday that China was not afraid...

Leave a reply

Please enter your comment!
Please enter your name here