Email Security Blog

Global Phishing Pandemic? You Be the Judge

Since the start of the COVID-19 health crisis, complaints to the FBI’s Internet Crime Complaint Center (IC3) have more than tripled.1

Why are there so many of these coronavirus-related email phishing threats and where are they coming from?  INKY, a cloud-based technology company offering a ground-breaking software solution to fight phishing, gathered some of the email threats it has caught in recent months in order to answer these questions. 

Why the huge volumes of phishing emails?

While cybercrime may be the perfect felony-of-choice for criminals looking to work from home during quarantine, it’s not a skill set every thief and outlaw can simply pick up. Rather, these are sophisticated operations and today’s cybercriminals are using advanced technologies and leveraging black markets and digital currencies in order to rob companies blind. In most cases, the high volumes of phishing emails are the work of parameterized templates. In short, a hacker creates a phishing email template that has fillable fields so they can include tailored information specific to the recipient. This personalizes the phishing email, making it look as convincing as possible.   

Since INKY catches everything, they too have seen a rise in phishing threats with personalized information. Specifically, scammers are creating campaigns relating to bonus reports, COVID-19 disaster relief, pandemic food distribution, office shut downs, FedEx packages, quarantine protocols, and even information from the World Health Organization (WHO) and the White House. 

Who is behind the coronaphish?

It’s no secret that when it comes to cyberattacks and cybercrimes, Russia and China have been at the top of the list, in terms of the number and severity of attacks.2,3  It’s actually one of the giveaways with phishing emails when the grammar, spelling, and word choice don’t match up with what a friend, co-worker, or familiar company would send via email.  Interestingly enough, however, the COVID-19 phishing email’s INKY received and evaluated during the pandemic show a different slant.  When ranking phishing emails by their countries of origin, more scams originated within the United States than any other country, including Russia and China.  Does this make COVID-19 email phishing scams more difficult for the average person to identify?  Probably.  Does this make it more difficult for the INKY Phish Fence to catch these cyberthreats? Not in the least. 

See for yourself.

CEO impersonations, malicious email attachments and HTML links are just some of the criminal schemes INKY includes in its newest report: Around the World in 34 Phish: COVID-19 Phishing Examples.  In 2019, the IC3 received a total of 467,361 complaints with reported losses exceeding $3.5 billion and the main culprit driving these numbers was phishing.4 Imagine what 2020 will hold if the number of complaints is already tripling. 

There are important steps you can take to protect yourself and your company.  To begin, take a few moments to familiarize yourself with the 34 phishing examples in INKY’s report and share them with your IT department.  It’s smart business to understand what kinds of phishing scams businesses around the country are falling victim to, but you will also see what is driving the rising costs associated with cybercrime in the U.S.  Once you’ve reviewed the report, have an honest conversation about how well your company and its employees are protected from phishing threats, realizing that human error is what has caused of the downward spiral of so many companies.

Read INKY’s Report: Around the World in 34 Phish: COVID-19 Phishing Examples.

Request a free INKY demonstration.

----------------------

INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.

 

1Source: https://thehill.com/policy/cybersecurity/493198-fbi-sees-spike-in-cyber-crime-reports-during-coronavirus-pandemic

2Source: https://www.bba.org.uk/wp-content/uploads/2015/02/red24+Cybercrime+Top+10+countries+where+attacks+originate+-++2015.pdf

3Source: https://www.usnews.com/news/best-countries/articles/2019-02-01/china-and-russia-biggest-cyber-offenders-since-2006-report-shows

4Source: https://pdf.ic3.gov/2019_IC3Report.pdf