Some great resources on COVID-19 and its use in phishing attacks and social engineering from GreatHorn. Kevin O’Brien, CEO and co-founder, and his team at cloud-based email security firm analyzed a representative sampling of 1 billion emails over the past 10 weeks and discovered the following:
- There were 15 times as many phishing attacks during the first two weeks of March as there were for the entire month of January.
- Coronavirus-related email threats more than doubled from February to March, and as of March 14, made up 2% of all email traffic. In February, these threats made up only .35% of email traffic.
- When comparing threat volume to the timeline of events, the first increase in attacks correlates with the announcement of the first death in China. The huge increase in March corresponds to the first U.S. death on Jan. 29.
- In analyzing the threats, GreatHorn found that malicious actors rely heavily on impersonation tactics (ex: “official” CDC announcements and HR / executive communications) and either masked or lookalike URLs (e.g., CDC, WHO, OneDrive), typically seeking credentials or either confidential or financial information.
According to O’Brien, “Cybercriminals often take advantage of major world events that capitalize on public attention. The COVID-19 pandemic represents a perfect storm for exploitation – fear, personal interest and safety, worldwide attention, disruptions to daily life and work habits, and unexpected changes to business practices and communication patterns. It is no surprise that we are seeing widespread attempts to harvest credentials, authorize fraudulent wire transfers, and deploy ransomware. To keep users safe, organizations should evaluate business policies related to high-risk events, such as wire transfers, and build mechanisms for in-the-moment education and context into email so that users can make informed decisions before interacting with suspicious emails.”
To help combat the increased risk from phishing, GreatHorn is offering a Workforce Protection Program – giving organizations full access to the GreatHorn Email Security platform for free for 60 days without restriction on functionality.