COVID-19 Phishing Scams: what are the red flags?
Unfortunately, cyber criminals always seek to take advantage of a crisis. It is sadly no surprise, therefore, that over 500 scams relating to coronavirus and over 2000 phishing attempts have been reported to UK officials, with total losses of over £1.6 million attributed to these. Proofpoint have reported that 80% of the online threat landscape is using COVID-19 as a theme in their attacks, finding 500,000 phishing messages across 140 campaigns seeking to exploit COVID-19 since January 2020.
In this video, I talk how cyber criminals are exploiting the COVID-19 crisis with social engineering, what red flags people should look out for and what people can do to better-protect themselves:
Some of the scams which have come to light over the last couple of months include:
A phishing email which was made to look like it came from the World Health Organisation, seeking bitcoin donations
Phishing messages with fake special offers, for example one made to appear like it was coming from the UK supermarket Morrisons offering a voucher
An email campaign targeting Microsoft Office 365 credentials at a large Canadian company with the subject 'Staff Member Confirmed COVID 19 Positive' and a malicious attachment masquerading as the company's new protocol in light of a member of staff testing positive
Scam SMS texts shared after the legitimate UK Government text about COVID-19, for example a phish that appeared as a text from UK's HMRC encouraging people to click a link to access a supposed goodwill payment
Twitter accounts hijacked to advertise websites that claimed to sell masks and toilet paper
Stay safe and well 💜