Good sportsmanship doesn’t apply in the cybercrime world. In fact, if hackers had a World Series, they would probably beat the losing team with their bats on the way out of the stadium. The same applies to the latest round of phishing emails that have been wreaking havoc on individuals and companies in the U.S. over the past few weeks.
During the early part of the COVID-19 pandemic, The FBI’s Internet Crime Complaint Center (IC3) saw an increase in phishing emails which preyed upon our fears, as many of us were ordered to stay and shelter. This first round of phishing scams exploited our initial anxieties and included1
- Deceptive emails from the Center of Disease Control (CDC) offering information on the coronavirus
- Phishing emails asking for charitable contributions to help those effected by COVID-19
- Phony airline carrier refunds
- Fraudulent coronavirus testing kits
- Fake COVID-19 testing kits
- Counterfeit treatments and promises of personal protective equipment (PPE)
Looking back, it’s easy to recall the fear and uncertainty that made those phishing threats so worrisome. We were overrun with thousands of early COVID-19 phishing threats. Today, those same emails would be much easier to recognize as the works of overly zealous hackers trying to cash in on the pandemic.
A lot has changed since the early weeks and months of the pandemic. Millions have lost their jobs and continue to struggle to find new ones. Unemployment relief payments under the CARES Act began, but have since dried up for many. One round of government stimulus checks was delivered, but the promises of a second round have yet to be decided upon. Eviction and foreclosure protections were instituted, but are due to expire in many states. The list goes on.
These very heavy burdens have brought many to a desperate place. It has also made them the perfect targets for cybercriminals without a conscience. Hackers and phishers who prey on those at their lowest point can be found in abundance. That’s what makes this latest round of cybercriminals so despicable. They’re focused on hitting those who are already down.
How do they do it? At INKY, we have been fighting phish and catching bad guys for years. In our latest report, entitled, “The Newest Wave of Pandemic Phish Are Attacking Without Conscience” you can find examples of some very sophisticated pandemic phishing emails that are designed to harvest credentials from those who are out of work and in need of assistance. Without INKY in place, these types of phishing scams could take down any one of us. That said, we encourage you to become familiar with the newest wave of pandemic phishing threats and, while you’re at it, schedule a free INKY demonstration to see just how well INKY can protect your organization from costly phishing threats.
Pandemic phishing emails are a nasty thing. However, we’d like to leave you on a brighter note. In lieu of the dire situations the pandemic has delivered, we’ve also seen a lot of good. Really good. Thousands of frontline workers have courageously battled the pandemic so that lives might be saved. Neighbors have gotten closer, families tighter. Messages of hope, courage, and mindfulness have helped to ease our burdens. Together we are fighting an invisible enemy and we will prevail. In the meantime, the team at INKY will continue our battle against cybercrime in order to keep as many of you safe from the perils of pandemic phishing attacks as possible.
Stay safe online and at home.
INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.