KnowBe4, a provider of security awareness training and simulated phishing platform, recently announced that its researchers are seeing an influx of coronavirus-related phishing scams.
Researches say that Covid-19 phishing scams have arrived in three successive waves.
The first wave brought phishing attacks offering basic information about the pandemic as well as spam/scam emails pushing questionable products and services. Many of these seemed to come from organisations such as the World Health Organization and the Centers for Disease Control.
The second wave brought new and novel phishes that saw cybercriminals trying new approaches to trick users into clicking through to malicious content.
Now in the third wave, researchers report seeing repurposed standard phishing templates turned into coronavirus-related phishing scams.
“I’ve never seen anything remotely like this,” said Eric Howes, principal lab researcher at KnowBe4. “The cybercriminals who weren’t running coronavirus-related phishing scams have now gotten in on these types of scams. With the majority of the global workforce now working from home, everyone needs to be extra vigilant when clicking on links and downloading attachments from emails, especially if the email is related to the coronavirus.”
Cybercriminals are taking advantage of the global pandemic by creating new ways to scam people based on fear tactics. According to the Official Cybercrime Report by Cybersecurity Ventures, cybercrime damage costs may double due to the Covid-19 outbreak. Also, cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.