COVID-19 brings onslaught of phishing scams

Coronavirus has unfortunately not put an end to cyberscams, as KnowBe4, which provides a security awareness training and simulated phishing platform, said its researchers are seeing an influx of coronavirus-related phishing scams.

According to the firm, COVID-19 phishing scams have arrived in three successive waves. The first wave brought phishing attacks offering basic information about the pandemic as well as spam/scam emails pushing questionable products and services. Many of these fraudulently claimed to come from organizations such as the World Health Organization and the Centers for Disease Control.

The second wave brought new and novel phishes that saw cyber criminals trying new approaches to trick users into clicking through to malicious content. Now in the third wave, KnowBe4 researchers report seeing repurposed standard phishing templates turned into coronavirus-related phishing scams. 

"I've never seen anything remotely like this," said Eric Howes, principal lab researcher, KnowBe4. "The cyber criminals who weren't running coronavirus-related phishing scams have now gotten in on these types of scams. With the majority of the global workforce now working from home, everyone needs to be extra vigilant when clicking on links and downloading attachments from emails, especially if the email is related to the coronavirus."

According to KnowBe4, cyber criminals are taking advantage of the global pandemic by creating new ways to scam people based on fear tactics. According to the Official Cybercrime Report by Cybersecurity Ventures, cybercrime damage costs may double due to the COVID-19 outbreak. Also, cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.