Taking advantage of the current crisis and new tech tricks, email-based phishing attackers are upping their game. Here are a few things you should watch for.
It turns out that phishing attackers read the news, too.
And that’s bad news for remote workers far and wide, as attackers seize on new opportunities created by the coronavirus pandemic to plant malicious traps in workers’ inboxes. They also have a new technical trick up their sleeve. Here’s what you need to know:
Phishing attacks mimic tools like Microsoft Teams, Skype, and Zoom. Email attackers are taking advantage of the increased use of remote tools to hide their attacks. As the research firm Abnormal Security told the website Dark Reading, the messages are designed to look like those sent by the apps. “Abnormal has observed these attacks being sent to our customers in industries such as energy, retail, and hospitality,” said Ken Liao, the firm’s vice president of cybersecurity strategy. “However, these attacks are not targeted and intentionally made to be generic by attackers so they could be sent to anybody.”
Phishing attackers are using bot-fighting tools to get around spam filters. The reCaptcha wall, which Google and other providers use to separate real from fake traffic, is increasingly being used by malicious email attackers to prevent URL-detecting tools from determining whether a message carries a phishing payload, the security firm Barracuda reports. “This technique is commonly used by legitimate companies to deter bots from scraping content,” Barracuda’s Jonathan Tanner explains on the company’s blog. “Because end users are so familiar with being asked to solve a reCaptcha and prove they aren’t a robot, malicious use of a real reCaptcha wall also lends more credibility to the phishing site, making users more likely to be tricked.” The result is that malicious messages are more likely to appear in inboxes than they were previously.
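What that blind spot looks like from the scanner's side, as an added example that is not part of the original article or of Barracuda's tooling: a link checker that receives only a reCAPTCHA widget should report the page as unresolved rather than clean. The verdict names, the password-field heuristic and the sample pages are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Markers of Google's reCAPTCHA widget as it appears in page HTML.
RECAPTCHA_SCRIPT_HOSTS = ("google.com/recaptcha/", "recaptcha.net/recaptcha/")


class _PageSignals(HTMLParser):
    """Collects the few signals the verdict below depends on."""

    def __init__(self):
        super().__init__()
        self.captcha = False
        self.password_field = False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}  # bare attributes arrive as None
        if tag == "script" and any(h in a.get("src", "") for h in RECAPTCHA_SCRIPT_HOSTS):
            self.captcha = True
        if "g-recaptcha" in a.get("class", "").split():
            self.captcha = True
        if tag == "input" and a.get("type", "").lower() == "password":
            self.password_field = True


def scan_verdict(html: str) -> str:
    """Verdict for the HTML a URL scanner received when it fetched an emailed link."""
    signals = _PageSignals()
    signals.feed(html)
    if signals.password_field:
        return "suspicious"      # simplified heuristic: a credential form is visible
    if signals.captcha:
        return "inconclusive"    # real content sits behind the wall: never pass as clean
    return "no_indicators"


# Constructed sample pages (not captured from any real site).
CAPTCHA_WALL = """<html><body><form action="/continue" method="post">
<div class="g-recaptcha" data-sitekey="SITEKEY-PLACEHOLDER"></div>
</form><script src="https://www.google.com/recaptcha/api.js" async defer></script>
</body></html>"""
LOGIN_PAGE = '<form><input type="email" name="u"><input type="password" name="p"></form>'
PLAIN_PAGE = "<html><body><h1>Quarterly newsletter</h1></body></html>"

if __name__ == "__main__":
    for name, page in [("wall", CAPTCHA_WALL), ("login", LOGIN_PAGE), ("plain", PLAIN_PAGE)]:
        print(name, scan_verdict(page))
```

A mail filter that receives "inconclusive" can hold or tag the message for further review instead of delivering it as if the link had been checked.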
Federal programs are being spoofed, too. As IBM’s Security Intelligence website reports, a number of phishing messages have been sent out in recent weeks taking advantage of the high interest in the federal Paycheck Protection Program. “Cybercriminals are being very calculated with their attacks and continue to pivot their tactics to lure victims,” the article states. “In fact, IBM X-Force saw that more than 50 percent of all COVID-19-related spam observed since the onset of the pandemic was sent in the two first weeks of April alone, coinciding with when the U.S. small-business relief loan program became available and stimulus checks started being issued.”