Summer is at its peak, and the online scammers are still doing whatever they can to take advantage of the uncertainty caused by the pandemic.
Cyber-attacks are targeting businesses and consumers in multiple countries, with the trend showing no signs of slowing down. Recently, COVID-19 scams and attacks grew in number, with emails being the primary mode of infection for most users. What are the latest trends the scammers use to steal information and financial details from potential victims? Let's take a look.
Covid-19 Phishing Scams Are Still Going Strong
In the last few months, a steady increase of coronavirus-themed emails was observed by security researchers, with fraudsters still using the pandemic to spread malicious links and attachments. Many of the cases were impersonating agencies and official organizations such as the World Health Organization (WHO).
Some of the latest attempts include an evolution of the malicious attachments that infect the recipients when they open them. Scammers also act in ways attempting to imitate government agencies, hoping to use the temporary ban on import and export of goods, as well as financial institutions providing COVID-19 financial relief. Scammers also marketed fake coronavirus cures with alleged miracle drugs capable of curing the infection "within five days." Other examples of COVID-19 schemes include scams regarding protective gear such as facemasks.
Spikes in phishing emails were also observed, relating to various financial institutions. The campaign targeted Standard Bank customers, beginning on May 14, and then continued into the midst of June, with changes in activity levels.
Another phishing campaign mimics the World Bank, with nearly 81% of the correspondence being impersonated, turning out to be malicious. Scammers often take advantage of the popularity of money transfer companies such as Moneygram to run their operations. A flow of emails was observed between June 23 and July 1, with about 2% of the fraudster emails sing the company's name. In a twist of irony, the scammers were offering to compensate victims who previously paid off scammers.
How Can We Recognize a Phishing Scam?
Most phishing emails appeared innocent, originating from what seemed to be a trusted source, such as ministries of health, centers for public health, banks, or government organizations. The emails contained malicious attachments and embedded links that deployed malware on the victim's device once opened. The malware allowed cybercriminals to take control of the victim's computer, log keyboard activity, access personal and financial data, and deploy ransomware.
Cybercriminals try to capitalize on the sense of urgency and worry, making it possible to miss the visible telltale signs. Most of the scams' symptoms may be obvious, such as offers that are too good to be true, unsolicited messages asking for personal information, and emails with glaring spelling and grammar mistakes.