![covid phishing email examples covid phishing email examples](https://www.ofcom.org.uk/__data/assets/image/0026/193265/coronavirus-phishing-scam.jpg)
Old techniques, such as creating a unique fake page using JavaScript, were combined in Q1 with overtly business-themed phishing emails. The link also required entering corporate account credentials. The messages talked about recent updates and suggested checking the availability of the resource. In the Runet (Russian internet), we found an email seemingly from the support department of an analytics portal. The link redirected them to a phishing page requesting their Microsoft account credentials. For example, a “notification” from Microsoft Planner invited the user to review their tasks for the coming month. By blending into the workflow, the scammers calculate that the user will be persuaded to follow the link and enter data on a fake page. To counter people’s increasingly wary attitude to emails from outside, attackers try to give their mailings a respectable look, disguising them as messages from business tools and services. Corporate segment: on-the-job fraudĬorporate usernames and passwords remain a coveted prize for scammers. Most if not all of the time, the “business partners” simply vanish into thin air after receiving the agreed prepayment. Such offers may look very favorable, but the likelihood of a successful deal is zero. The emails mentioned lots of products related to diagnosis and treatment of the virus, but the emphasis was on the sale of vaccination syringes. The vaccination topic could hardly be ignored by spammers offering services on behalf of Chinese manufacturers. However, if the victim went ahead and entered their bank card details, the amount charged was several times higher. In some cases, the attackers also asked for payment of a token amount for delivery. Having consented to receive the prize, the user was asked to fill out a detailed form with personal information.
![covid phishing email examples covid phishing email examples](https://www.netsafe.org.nz/wp-content/uploads/2020/02/COVID-19scamexample.jpg)
After answering the questions, the victim was redirected to a page with the “gift.” Participants were promised a gift or cash reward for their help. The message invited the recipient to take part in a short survey. Scammers sent out emails in the name of large pharmaceutical companies producing COVID-19 vaccines, or of certain individuals.
![covid phishing email examples covid phishing email examples](https://www.avertium.com/hubfs/Imported_Blog_Media/scam-offer-covid-vaccine-1024x612.png)
If the victim followed all the instructions on the fake website, they handed their money and personal data to the attackers.Īnother way to gain access to users’ personal data and purse strings was through fake vaccination surveys. In both cases, to make a vaccination appointment, a form had to be filled out with personal data and in the first case, the phishers also wanted bank card details. In another mailing, the attackers focused on age - people over 65 were asked to contact a clinic to receive a vaccine. In it, the recipient was invited to be vaccinated, having first confirmed their participation in the program by clicking on the link. For instance, some UK residents received an email that appeared to come from the country’s National Health Service. Cybercriminals took advantage of people’s desire to get vaccinated as quickly as possible. In this case, the focus was on copying the external attributes of the bank’s website to create a near-indistinguishable phishing version.ĬOVID-19 vaccination was one of the hottest global topics, and hence highly attractive to scammers. However, users of specific banks were also targeted. The attacks were mostly aimed at stealing any card details and personal data. The links in their messages took the victim to a well-designed phishing pages with official emblems, business language and references to relevant laws. In Q1 2021, scammers imitating bank emails began to focus on compensation. This past year, cybercriminals have actively exploited the topic of government payouts, most often in relation to damage caused by the pandemic. The link pointed to a fake Outlook authorization page. In particular, in a newsletter purporting to be from the MKB bank, recipients were asked to catch up on the latest news about the pandemic and measures taken by the bank. To lure users to their sites, phishers exploited the COVID-19 topic.
#Covid phishing email examples code#
In actual fact, scanning the code resulted in a data leak, money theft or device infection, if it contained a link to a web page with malware. The fraudsters invited the victim to scan a QR code in an email, ostensibly to unblock mobile banking. Clients of several Dutch banks faced a phishing attack using QR codes. In Q1 2021, new banking scams appeared alongside ones that are more traditional. Quarterly highlights Banking phishing: new version of an old scheme