Blog_Image_3

 

Here are 100 actual examples of scam/spam emails hackers are using out in the wild. The “bad guys” are getting more and more creative- REALLY taking advantage of the situation we're in. It's more important than ever to make sure you only click on trusted emails from trusted sources.

Note from our partner KnowBe4 below:

[Heads-Up] Feeding Frenzy: COVID-19 Phishing Attacks Surge As U.S. Reels From Pandemic

By Eric Howes, KnowBe4 Principal Lab Researcher.

Having already published three blog pieces on the epidemic of Coronavirus-themed phishing emails and spam/scam offerings online, we were wondering what else the bad guys might be ginning up for stressed-out users and IT folks working the trenches. The answer arrived this week as COVID-19-themed phishes exploded.

On Monday and Tuesday customers [reported] a massive surge in virus-themed phishing emails. Although we had already seen 90 percent of those emails over the previous days and weeks (and had documented them in our first three blog pieces), we were nonetheless surprised by the sheer volume of emails reported -- a phenomenon we suspect may have been driven by the dramatic escalation of the COVID-19 health crisis in the United States at the end of the previous week.

On Wednesday and Thursday, though, customers began reporting an entirely new set of phishing emails. Curiously, most of these apparently "new" phishing emails were somehow also strangely familiar (more on that in a bit).

In this fourth installment of our COVID-19 phishing reports, we will review the new crop of Coronavirus phishing emails that landed this week. And, as before, we will be offering a generous helping of screenshots so that you and your users and employees know what to look for.

The Three Waves Before tackling the very latest phishing emails reported to us by customers, we thought it might be useful to do a quick review of the development of COVID-19-themed phishing emails that we've been tracking since early February.


Looking back, we can now discern three distinct waves of phishing emails reported by customers.

1. The first wave, which began growing slowing over the course of February and early March, mainly involved straightforward spoofs of the CDC (Centers for Disease Control), WHO (World Health Organization), and a few other reputable authorities including HR departments within targeted organizations. These spoofs generally purported to offer information and updates on the unfolding crisis, leveraging the trust vested in those spoofed authorities to trick users into clicking through links and attachments to malicious content (mostly credentials phishes, but occasionally malware, including Emotet).

During that time period we also observed a rather predictable rise in spam/scam emails trading on fear and confusion to push the usual variety of dodgy products and services -- fake vaccines, price-gouged health care products (masks, sanitizers), as well as books, videos, and bogus "miracle cures."

2. In the second wave, malicious actors began experimenting with new and novel social engineering schemes -- some more successful and convincing than others. If nothing else, though, this second wave demonstrated that the bad guys were seriously committed to exploiting the chaos and growing hysteria over the spread of virus by rapidly developing a larger menu of phishing templates.

We covered the first and second waves of Coronavirus phishes in our earlier blog pieces. This second wave, in particular, proved to be relatively brief and was soon overtaken by a massive wave of new virus-themed phishing emails that crashed into users' inboxes starting Wednesday and Thursday.

3. The third wave, which arrived mid-week, saw the bad guys building out their repertoire of customized social engineering schemes by re-purposing a wide variety of older phishing emails -- all those golden oldies so depressingly familiar to end users and IT departments alike, now newly re-invigorated and sent into battle once again under the banner of the mighty Coronavirus.

It's that third wave of re-purposed, "standard" phishing emails that we'll be focusing on in this blog piece, for it turns out that the Coronavirus is always the perfect complement to whatever phishing campaigns your average bad guy happens to enjoy running.

We should note that we will not be covering the kinds of more traditional spam/scam emails that we did in our earlier blog pieces. Those emails are still in circulation, but they've now been utterly eclipsed by the sheer volume of truly malicious phishing emails washing into users' inboxes.

Continued at the KnowBe4 blog with more than 100 examples (!) of live in-the-wild screenshots.