Cybercriminals are now repurposing standard phishing templates adding a Corona spin on it
“With the lock down imposed from midnight this Thursday March 26th, many South Africans are already or are preparing to work from home. Cybercriminals are jumping on this opportunity as remote workers make for softer targets. Times like these riddled with uncertainty and panic, make people more vulnerable to emotional phishing messages and fake websites using the guise of Corona updates.” says Anna Collard, MD KnowBe4 Africa.
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced its researchers are seeing an influx of coronavirus-related phishing scams.
COVID-19 phishing scams have arrived in three successive waves. The first wave brought phishing attacks offering basic information about the pandemic as well as spam/scam emails pushing questionable products and services. Many of these seemed to come from organizations such as the World Health Organization and the Centers for Disease Control. The second wave brought new and novel phishes that saw cyber criminals trying new approaches to trick users into clicking through to malicious content. Now in the third wave, our researchers report seeing repurposed standard phishing templates turned into coronavirus-related phishing scams.
“I’ve never seen anything remotely like this,” said Eric Howes, principal lab researcher, KnowBe4. “The cyber criminals who weren’t running coronavirus-related phishing scams have now gotten in on these types of scams. With the majority of the global workforce now working from home, everyone needs to be extra vigilant when clicking on links and downloading attachments from emails, especially if the email is related to the coronavirus.”
Cyber criminals are taking advantage of the global pandemic by creating new ways to scam people based on fear tactics. According to the Official Cybercrime Report by Cybersecurity Ventures, cybercrime damage costs may double due to the COVID-19 outbreak. Also, cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.
For more information as well as free tools on how to work from home securely, visit the KnowBe4 Blog.
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 31,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.