COVID-19 Phishing Scams Exploit Online Rumor Mill

There is an explosion of extremely believable COVID-19 phishing scams. They are precisely targeted spear phishing. This shows how cybercriminals exploit Dark Web information and the online rumor mill for profit. Months into the global pandemic, cybercriminals are still using COVID-19 messaging. They do this by taking advantage of the worldwide fear and uncertainty around the disease, what causes it, and relief efforts for those affected by it. Scams grow more imaginative and more believable. This is because bad actors fashion bait that capitalizes on the rumor to create COVID-19 phishing scams that look more genuine than ever.

COVID-19 phishing scams are everywhere.

Phishing scams are by far the biggest type of attack threat based on exploitation that businesses face. Phishing is up more than 600% since the start of the pandemic. Thus, this favorite of cybercriminals has surged in popularity and creativity with disastrous results for unwary organizations. Scam emails from the World Health Organization (WHO) have been a particular problem. As a result, many organizations are instructing users to simply delete any email from WHO. They do this even if it appears safe or is expected, just to avoid potential problems.

Scammers are also milking their opportunity to get people’s payment information for all it’s worth. As the US rolls out pandemic relief and business aid checks, scammers imitate government and official-looking correspondence. As a result, people are tricked into providing them with bank information. Scammers also use information about getting charitable help or government relief to steal login credentials.

Dark Web information adds to executive threats.

C-suite executives and privileged users have been especially juicy targets for bad actors. Unfortunately, many organizations limit phishing awareness training to the rank-and-file. As a result, the executives who are more vulnerable to well-crafted spear phishing attacks are left out. Many companies don’t consider the risk of giving executive users high-level access to systems and data. That privileged access makes them incredibly valuable targets for scammers. This then creates cascading problems if their logins are compromised.

Every user at every level in every organization needs to be regularly trained and tested on phishing awareness. Phishing attacks can land in any corner of an organization. A drastic increase in phishing attack dangers across the board means that all companies need to increase phishing resistance training to compensate.

Rent-A-Nerd, Inc. is the ideal solution to mitigate these threats.

We’re ready to put our expertise to work for you to help you create the strongest possible defense against phishing – a well-trained staff that’s ready to fight back. We work with clients who have an internal IT department as well as those who seek a managed services provider to handle all of their technology needs. Our Enhanced Cybersecurity product includes technological protections as well as training and other resources. We’ll even run a free Dark Web scan of your business domain to see if your credentials are already out there. If you’d like to discuss your business’s cybersecurity needs, give us a call at 504-301-1094. Or click here and we’ll be in touch.

Categories

Related Posts