COVID-19 awareness … and other scams

by Mark Rowe

It may come as no surprise that phishers and scammers are using the avalanche of new information and events about the coronavirus pandemic as a way to phish more victims. That is according to the security awareness training and simulated phishing platform KnowBe4.

Stu Sjouwerman, CEO at KnowBe4, said: “These phishing scams are becoming more aggressive and more targeted as this pandemic continues. Everyone should remain very sceptical of any email related to COVID-19 coming into their inbox.”

In the second quarter of 2020, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. They also reviewed ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. The top ten suspect general email subjects were:

Password Check Required Immediately
Vacation Policy Update
Branch/Corporate Reopening Schedule
COVID-19 awareness
Coronavirus Stimulus Checks
List of Rescheduled Meetings Due to COVID-19
Confidential Information on COVID-19
COVID-19 – Now airborne, Increased community transmission
Fedex Tracking
Your meeting attendees are waiting!

And as for what the firm called ‘in-the-wild’ email subject lines, it found the most common over the quarter included:

Microsoft: Abnormal log in activity on Microsoft account
Chase: Stimulus Funds
HR: Company Policy Notification: COVID-19 – Test & Trace Guidelines
Zoom: Restriction Notice Alert
Jira: [JIRA] A task was assigned to you
HR: Vacation Policy Update
Ring: Karen has shared a Ring Video with you
Workplace: [[company_name]] invited you to use Workplace
IT: ATTENTION: Security Violation
Earn money working from home.

Visit www.knowbe4.com.

Separately, Positive Technologies has analysed cyberattacks in the first quarter of 2020 and found that the number of attacks increased by nearly a quarter compared to the quarter before. Yana Avezova, Positive Technologies analyst said: “Hackers were quick to use common concerns about coronavirus as lures in phishing emails. An estimated 13 percent of all phishing emails in Q1 2020 were related to COVID-19. Of those, about a half (44 per cent) targeted individuals. One out of every five emails was sent to government agencies.”

Comment

Boris Cipot, senior security engineer at Synopsys, said: “As one can see from the subject titles, phishing emails are really just feeding on people’s current state of mind. At present, there will likely be some reference to the coronavirus pandemic, the need to virtually connect with someone over Zoom or simply a sense of insecurity whilst working from home, particularly when technology is not cooperating. Phishing emails are tailored to reflect on-going situations, as it makes it easier for bad actors to leverage the fears and insecurities of the recipient.

“To overcome such attacks efficiently, recipients need to first, be aware of them and how credible they may seem. Training employees is the best way to start. Secondly, individuals should avoid clicking on links in emails. If you receive an email from someone, double-check the URL. Is it really Zoom or is it a link looking to imitate a Zoom URL? Be aware that just by visiting a webpage, one might inadvertently download unwanted code or malware.”
