COVID-19 Themed Phishing Attacks

September 25, 2020

While some businesses are still not operating at full throttle these days, cybercrime and the tried and true method of email fraud are still going strong. A report by Agari, the “H2 2020 Email Fraud & Identity Deception Trends” report even found an increase of 3,000% in phishing attacks using COVID-19 as a theme between March and June. That’s no comfort at all.

The same report stated a couple of other significant statistics:

  • 70% increase in business email compromise (BEC) scams that originated from free webmail accounts
  • Impersonation attacks using trusted individuals associated with the World Health Organization (WHO), the Centers for Disease Control (CDC), and others were up to the tune of 22%

The good news from the researchers is that the COVID-19 themed BEC attacks seem to have leveled out at the end of June after an increase earlier that same month.

What hasn’t changed is how to combat these at the office and at home.

  • Don’t open attachments or click links that are unexpected or come from unknown senders.
  • Verify any wire transfers or banking transactions with the requestor using voice, a personal visit to his or her desk if possible, or by constructing a completely new email message using a known email address before taking any action.
  • Verify the URL for any financial transactions to make sure any actions, including logging in, are done on your trusted financial institution’s website and not a spoofed one.
  • Always keep your devices updated.

Remember that if there is ever a sense of urgency in an email or text request, it’s not so urgent you can’t take some time to verify it first.

Stickley on Security