As we have observed over the past month, there has been no shortage of coronavirus-themed cyber attack campaigns. Dare we say, the campaigns even parallel the pandemic spread of the actual virus. Coronavirus is the biggest news on the planet, and cyber attackers are not ones to pass up an opportunity, no matter how tragic. Multiple factors contribute to the volume of related scams, but the biggest common denominator is arguably end users. There are multiple attack tactics per day - too numerous to keep up-to-date – that are taking advantage of vulnerable and distracted end users. The ploys are the same, but the deluge is unprecedented; nonetheless, we must stay abreast of the tactics and lures so we can keep users aware so they do not fall victim. To that end, Tripwire has a regular weekly feature (COVID-19 Scam Roundup) that does a great job summarizing several scams (some we have covered).
Other noteworthy scams:
- BEC Gift Card Scams Move Online During COVID-19 Pandemic – Email security firm Agari notes BEC scammers are asking shuddered users to purchase “E-gift” cards. Read the post for several examples of the phishing emails.
- Phishing Email Spoofing Office 365 Asks Users to Review Quarantined Messages – Another email security firm, MailGuard, shows examples of a recent Office 365 ploy to steal credentials by asking users to check their quarantined messages.
Keep alert and stay cyber safe!
