Nearly half of successful phishing tests used urgent messages prompting victims to change their passwords immediately.
According to a report released today by simulated phishing platform KnowBe4, its most successful simulated phishing attack was an email prompting users to change their passwords.
Forty percent of successful social-media-related phishing tests used LinkedIn as a lure, tempting users to click with promises of new profile views, connection requests or security updates.
How Threat Actors are using the Pandemic
COVID-19-related phishing attacks were up by an unprecedented 600 percent.
In fact, 10 percent of KnowBe4's successful phishing test attacks were Coronavirus related.
So far KnowBe4 have examined tens of thousands of email subject lines from simulated phishing tests. The organisation also reviewed “in the wild” email subject lines that show actual emails users received and reported to their IT departments as suspicious.
A joint alert released by the National Cyber Security Council (NCSC) and Homeland Security also picked up on this threat, stating that malicious actors are taking advantage of human traits such as curiosity and concern around the coronavirus pandemic. This advantage can be used to tempt a user to click on a link or download an app, either of which may lead to a phishing website or the inadvertent downloading of malware.
To create the impression of authenticity, malicious cyber actors may spoof sender information in an email, making it appear to come from a trustworthy source such as the World Health Organization (WHO) or an individual with “Dr.” in their title.
In several examples, phishing attempts claim to be from an organisation’s human resources (HR) department and advise the employee to open the attachment.
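The lures described above (a spoofed display name borrowing a trusted brand or a “Dr.” honorific, an urgent password-change subject line, and an external “HR” sender with an attachment) can be surfaced as triage signals when an IT team reviews reported emails. The script below is an added example written for this article; it is not code from KnowBe4, the NCSC or the alert. It parses raw messages with Python's standard `email` module and returns the indicators it finds. The organisation's own mail domain (`example.com`), the legitimate domains assumed for each brand, the keyword lists and all four sample messages are constructed assumptions for the example; the `.example` sender domains are reserved names, not real infrastructure.

```python
import re
import email
from email import policy
from email.utils import parseaddr

# Assumptions for this example (not from the report): the organisation's own
# mail domain, and the domains a genuine message from each brand would use.
INTERNAL_DOMAIN = "example.com"
BRAND_DOMAINS = {
    "world health organization": ("who.int",),
    "who": ("who.int",),
    "linkedin": ("linkedin.com",),
}
URGENCY_TERMS = ("immediately", "urgent", "within 24 hours", "expires today")
CREDENTIAL_TERMS = ("password", "credentials", "login")
HR_TERMS = ("human resources", "hr department", "hr team")


def domain_of(address: str) -> str:
    """Lower-cased domain part of an address, or '' if there is none."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def domain_matches(domain: str, allowed) -> bool:
    """True if domain equals, or is a subdomain of, any allowed domain."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def has_attachment(msg) -> bool:
    """True if any MIME part is marked as an attachment."""
    return any(part.get_content_disposition() == "attachment"
               for part in msg.walk())


def triage(raw: str) -> list:
    """Return the lure indicators found in one raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    display_name, address = parseaddr(str(msg.get("From", "")))
    name = display_name.lower()
    domain = domain_of(address)
    subject = str(msg.get("Subject", "")).lower()
    external = not domain_matches(domain, (INTERNAL_DOMAIN,))
    flags = []

    # Display name borrows a trusted brand, but the address lives elsewhere.
    for brand, legit in BRAND_DOMAINS.items():
        if re.search(r"\b" + re.escape(brand) + r"\b", name) \
                and not domain_matches(domain, legit):
            flags.append(f"brand spoof: '{display_name}' sent from {domain}")
            break

    # A "Dr." honorific on an external sender is only a weak signal by itself.
    if re.match(r"dr\.?\s", name) and external:
        flags.append(f"honorific from external domain {domain}")

    # Urgent password-change wording in the subject line.
    if any(t in subject for t in URGENCY_TERMS) \
            and any(t in subject for t in CREDENTIAL_TERMS):
        flags.append("urgent credential-change subject")

    # "HR" claimed by an external sender, with an attachment to open.
    claims_hr = any(t in name for t in HR_TERMS) or address.lower().startswith("hr@")
    if claims_hr and external and has_attachment(msg):
        flags.append(f"external 'HR' sender with attachment ({domain})")

    return flags


# Constructed sample messages; the attacker domains are reserved .example names.
SAMPLES = {
    "password_reset": (
        "From: IT Helpdesk <helpdesk@account-security.example>\n"
        "Subject: Urgent: change your password immediately\n\n"
        "Your password expires today.\n"),
    "who_spoof": (
        "From: World Health Organization <alerts@who-updates.example>\n"
        "Subject: COVID-19 safety measures\n\n"
        "Please read the attached guidance.\n"),
    "hr_attachment": (
        "From: Human Resources <hr@payroll-updates.example>\n"
        "Subject: Updated working-from-home policy\n"
        "MIME-Version: 1.0\n"
        "Content-Type: multipart/mixed; boundary=\"b1\"\n\n"
        "--b1\nContent-Type: text/plain\n\nPlease open the attached document.\n"
        "--b1\nContent-Type: application/octet-stream; name=\"policy.doc\"\n"
        "Content-Disposition: attachment; filename=\"policy.doc\"\n\nZHVtbXk=\n"
        "--b1--\n"),
    "benign": (
        "From: Alice <alice@example.com>\n"
        "Subject: Notes from today's meeting\n\n"
        "Minutes attached below in plain text.\n"),
}


def triage_all(samples: dict) -> dict:
    """Map each sample name to the list of indicators found in it."""
    return {name: triage(raw) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, flags in triage_all(SAMPLES).items():
        print(f"{name}: {flags or 'no indicators'}")
```

Each check is deliberately a triage signal rather than a verdict: an honorific or an HR display name is common in legitimate mail, so a real deployment would feed these flags into a reviewer's queue or combine them with SPF/DKIM results rather than block on any one of them.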
The CEO of KnowBe4 had this to say about the conclusions the company drew from the data it gathered in the first quarter of 2020:
“The bad guys are opportunists and they will use every chance they get to take advantage of people’s heightened emotions during crisis situations such as this one, by trying to entice them into clicking on a malicious link or to download an attachment laced with malware.
“It’s no surprise that we’re seeing an explosion of phishing attacks related to the coronavirus because people are actively seeking more information about it. End users should be especially careful with any email they receive related to COVID-19 and immediately report suspicious looking emails to their IT departments”.
Don’t Forget About the Other Scams
However, despite this uptick, Coronavirus-related phishing campaigns are still dwarfed by other day-to-day phishing content.
Dr Jamie Collier, Cyber Threat Intelligence Team Lead at Digital Shadows explained this threat further to Computer Business Review:
“Despite the rise in malicious Coronavirus emails, they only account for a relatively small proportion of total phishing campaigns seen in the threat landscape. Whilst it is therefore important to educate users about pandemic-related social engineering tactics, security teams must ensure that this does not create a distraction from addressing established phishing lures that comprise the majority of phishing attempts and remain as effective as ever”.