Phishing grows by 220% as cyber criminals leverage COVID-19 pandemic

Over half of all phishing websites mimicked large brands

According to new research, cyber crime has risen sharply as criminals continue taking advantage of the global coronavirus pandemic in their attacks. 

In its fourth Phishing and Fraud Report, cyber security firm F5 Labs has seen phishing attempts increase by 220% over the past few months. And there is no sign of this trend slowing down anytime soon, as F5 predicts the number of phishing attacks to grow 15% year-on-year. 

Most coronavirus-themed phishing campaigns have focused on fraudulent donations to fake charities, credential harvesting and malware delivery, explained F5. 

“The risk of being phished is higher than ever and fraudsters are increasingly using digital certificates to make their sites appear genuine,” said David Warburton, senior threat evangelist at F5 Labs. 

“Attackers are also quick to jump onto emotive trends and COVID-19 will continue to fuel an already significant threat. Unfortunately, our research indicates that security controls, user training and overall awareness still appear to be falling short across the world.”  

Opportunistic phishing attacks 

During the pandemic, attackers have been far more opportunistic with their attacks. When analyzing digital certificates, F5 discovered that 14,940 used the words “covid” and “corona” — allegedly, to evoke an emotional response from victims. 

What’s more, over half of phishing websites (52%) masqueraded as major brands. The most impersonated companies were Amazon, Paypal, Apple, WhatsApp, Microsoft Office, Netflix and Instagram.

After conducting a phishing attack, perpetrators would use the compromised passwords within four hours. And hackers conducted many of these attacks in real-time to obtain multi-factor authentication codes. 

Furthermore, around 20% of phishing URLs were WordPress sites, up from 4.7% three years ago, and cyber crooks used free domain names to make their attacks more cost-effective. 

In 2020, attackers have taken several steps to trick victims into thinking phishing websites are legitimate. For example, F5 found 72% of phishing websites used genuine HTTPS certificates, and 100% of drop zones employed TLS encryption.

Taking action against phishing

Warburton warned that people will continue to fall victim to these attacks "as long as there is a human that can be psychologically manipulated in some way."

Related Resource

Best practices for protecting remote work

Staying safe and secure while working from home

Download now

Therefore, he explained that "security controls and web browsers alike must become more proficient at highlighting fraudulent sites to users.”

He added, “Individuals and organizations also need to be continuously trained on the latest techniques used by fraudsters. Crucially, there needs to be a big emphasis on the way attackers are hijacking emerging trends such as COVID-19.”

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

Ransomware hit industrial sector the hardest in the third quarter
ransomware

Ransomware hit industrial sector the hardest in the third quarter

25 Oct 2021
Tesco services knocked offline after suspected cyber attack
hacking

Tesco services knocked offline after suspected cyber attack

25 Oct 2021
Microsoft touts new cyber security help for nonprofits
cyber security

Microsoft touts new cyber security help for nonprofits

22 Oct 2021
Ofcom report reveals alarming uptick in smishing attacks
scams

Ofcom report reveals alarming uptick in smishing attacks

22 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Royal Mint to recover gold from smartphones and laptops in world first
Technology

Royal Mint to recover gold from smartphones and laptops in world first

21 Oct 2021