Phishing attacks are becoming increasingly more targeted, according to a cyber firm. A number of new tricks have also been found – from HR dismissal emails to attacks disguised as delivery letters and parcel delay notifications, says Kaspersky.
Phishing is a strong attack method because it is done at such a large scale, the firm says. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for victims’ credentials. According to the firm, in the second quarter of 2020, targeted attacks’ focus was on small companies. To attract attention, fraudsters forged emails and websites from organisations whose products or services could be purchased by potential victims. In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic. As Kaspersky says, once a fraudster has gained access to an employee’s mailbox, they can use it to carry out further attacks on the company the employee works for, the rest of its staff, or contractors.
Kaspersky encountered various mailings that announced, for example, some amendments to the medical leave procedure, or surprised the recipient with supposed news about their dismissal. Tatyana Sidorina at the firm said: “When summarising the results of the first quarter, we assumed that COVID-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened. While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, as well as come up with new tricks.”
Meanwhile, the trade body UK Finance has listed ten Covid-19 and lockdown scams to be on the lookout for, and how to spot them:
Covid-19 financial support scams
Criminals have sent fake government emails designed to look like they are from government departments offering grants of up to £7,500. The emails contain links which steal personal and financial information from victims.
Fraudsters have also been sending scam emails which offer access to ‘Covid-19 relief funds’ encouraging victims to fill in a form with their personal information.
Criminals have been targeting people with official-looking emails offering a ‘council tax reduction’. These emails, which use government branding, contain links which lead to a fake government website which is used to access personal and financial information.
Fraudsters are also preying on benefit recipients, offering to help apply for Universal Credit, while taking some of the payment as an advance for their “services”.
Health scams
One of the most shocking scams that has appeared during the pandemic has involved using the NHS Test and Trace service. Criminals are preying on an anxious public by sending phishing emails and links claiming that the recipient has been in contact with someone diagnosed with Covid-19. These lead to fake websites that are used to steal personal and financial information or infect devices with malware.
Victims are also being targeted by fake adverts for Covid-related products such as hand sanitiser and face masks which do not exist.
Lockdown scams
Criminals are sending fake emails and texts claiming to be from TV Licensing, telling people they are eligible for six months of free TV license because of the coronavirus pandemic. Victims are told there has been a problem with their direct debit and are asked to click on a link that takes them to a fake website used to steal personal and financial information.
Amid a rise in the use of online TV subscription services during the lockdown, customers have been targeted by criminals sending convincing emails asking them to update their payment details by clicking on a link which is then used to steal credit card information.
Fraudsters are also exploiting those using online dating websites by creating fake profiles on social media sites used to manipulate victims into handing over their money. Often criminals will use the identities of real people to strike up relationships with their targets.
Criminals are using social media websites to advertise fake investment opportunities, encouraging victims to “take advantage of the financial downturn”. Bitcoin platforms are using emails and adverts on social media platforms to encourage unsuspecting victims to put money into fake investment companies using fake websites.
You’re warned to be on alert if:
A website address is inconsistent with that of the legitimate organisation;
A phone call, text or emails asks for financial information such as PIN, passwords;
You receive a call or email out of the blue with an urgent request for your personal or financial information, or to make an immediate payment;
You’re offered a heavily discounted or much cheaper product compared to the original price; and
There are spelling and grammar mistakes, or inconsistencies in the story you’re given
MD of Economic Crime at UK Finance, Katy Worobec, said: “During this pandemic we have seen criminals using sophisticated methods to callously exploit people’s financial concerns, impersonating trusted organisations like the NHS or HMRC, to trick them into giving away their money or information.
“The banking and finance industry is tackling fraud on every front, investing millions in advance technology to protect customers and working closely with the government and law enforcement to stop the criminal gangs responsible and neutralise the threat. We would always urge people to follow the advice of the Take Five to Stop Fraud campaign to keep their money and personal information safe from fraudsters.”
Visit the Take Five to Stop Fraud campaign website https://takefive-stopfraud.org.uk/coronavirus-fraud-and-scams/.
And RiskIQ threat researcher Jordan Herman and independent researcher Ryan Foote have reported on an ecosystem between partisan content farms that monetise through ad revenue, ad networks that take a cut of the profit, and advertisers that use the generated traffic to ensnare victims in subscription traps. Fraudulent subscriptions are for products such as dietary supplements or beauty products, and more recently, supposed remedies to COVID-19 in the form of CBD oil.
Jordan Herman said: “Scam ads leading to subscription traps seem to be endemic to content farm sites, but there’s a particular network of companies and individuals using the COVID-19 pandemic for financial gain. We wanted to do a deep dive into this ecosystem to expose how these shady practices are taking advantage of people on a massive scale and making the schemers a lot of money in the process.”
Visit: https://www.riskiq.com/resources/research/scamnation/.
