We’re seeing a surge in phishing scams over the past few months as we continue to deal with the current worldwide pandemic.
Events that cause mass hysteria and urgency are breeding grounds for sophisticated phishing scams. So as you can imagine at the onset of COVID-19 -- with the increase in online communication for things such as filing for unemployment, increase in online shopping, and the general shift to a remote workforce – there have been several opportunities for scammers to work their way into your inbox and do what they do best.
If you are unfamiliar with the term "phishing", it's an attack method where cybercriminals trick their victims into taking a specific action such as visiting a fake online banking portal to enter your real bank information in an effort to gain access to your account.
Typically carried out by email, a cybercriminal will purchase a bulk list of email addresses from the dark web and send out messages that appears to come from a legit source with malicious content attached to it. Phishing emails can include attachments that contains Ransomware – which can lock down your network until you pay a ransom in bitcoin -- or they often contain a link to a fake website, like the previously mentioned online banking example mentions.
As the name suggests, phishing scams casts a wide net and hope they get a few bites. In years past, we could identify a phishing attack quite easily. If you got an email from a Nigerian prince asking for a wire transfer, it's safe to say that was a scam. But today cybercriminals have become much more sophisticated and are using more advanced phishing campaigns with email spoofing and social engineering to create more targeted, believable messages in order to obtain your personal or business information.
Over the past few months, cybercriminals have been sending COVID-19 related messages to disguise themselves as reliable sources. In addition to emails, scammers are also using text and robocalls.
Here are a few phishing scams that have been reported recently to keep an eye out for:
- Emails about your unemployment or stimulus check status
- Fake updates from an employer about policies or procedures to address the risk of COVID-19
- Emails from your bank or mortgage company to defer your loan payments
- Scams about COVID-19 self-testing Kit
- Fake emails selling healthcare benefits related to the virus
- Free subscriptions of Netflix during the pandemic
ANP has a few cybersecurity services, including cybersecurity awareness training to keep your business protected from phishing scams and other external threats. Talk to your vCIO or contact us today at (215) 572-0111 to discuss how ANP can stop phishing attacks and other cyber threats from hurting your business.