Phishing is one of the oldest and most flexible types of social engineering attacks. They are used in many ways, and for different purposes, to lure unwary users to a specific site and trick them into entering personal information. The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts. This kind of a cyber attack is becoming increasingly rampant.

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

Now, during these times of coronavirus pandemic, things have deteriorated even more as new tricks are being used, including job dismissal emails from HR departments, reveals Kaspersky’s new spam and phishing in Q2 2020 report. 

Jack of all trades: new tricks for old purposes 

The news agenda, following the COVID-19 outbreak, has already influenced the “excuses” fraudsters use when asking for personal information. This included disguising their communications with unsuspecting users as: 

Delivery services. At the peak of the pandemic, organizations responsible for delivering letters and parcels were in a hurry to notify recipients of possible delays. These are the types of emails that fraudsters began to fake, with victims asked to open an attachment to find out the address of a warehouse where they could pick up a shipment that did not reach its destination. 

Postal services. Another relatively original move used by fraudsters was a message containing a small image of a postal receipt. The scammers expected that the intrigued recipient would accept the attachment (which, although it contained ‘JPG’ in the name, was an executable archive) as the full version and decide to open it. The Noon spyware was found in mailings such as these examined by Kaspersky researchers. 

WATCH Samsung Galaxy Note 20 Ultra review

Financial services. Bank phishing attacks in the second quarter were often carried out using emails offering various benefits and bonuses to customers of credit institutions due to the pandemic. Emails received by users contained a file with instructions or links to get more details. As a result, depending on the scheme, fraudsters could gain access to users’ computers, personal data, or authentication data for various services. 

HR services. The weakening of the economy during the pandemic in a number of countries caused a wave of unemployment, and fraudsters did not miss this opportunity to strike. Kaspersky experts encountered various mails that announced, for example, some amendments to the medical leave procedure, or surprised the recipient with the news about their dismissal. In some attachments, there was a Trojan-Downloader.MSOffice.SLoad.gen file. This Trojan is most often used for downloading and installing encryptors. 

What should you do? 

- Always check online addresses in unknown or unexpected messages, whether it is the web address of the site where you are being directed, the link address in a message and even the sender’s email address, to make sure they are genuine and that the link in the message doesn’t hide another hyperlink. 

- If you are not sure that the website is genuine and secure, never enter your credentials. If you think that you may have entered your login and password on a fake page, immediately change your password and call your bank or other payment provider if you think your card details were compromised.