COVID-19 brought more than just a virus that’s spread all over the world. It has wreaked havoc virtually too.
Since there have been an increase in cyberattacks, users have become more vigilant against pandemic phishing.
The world’s largest security awareness training and simulated phishing platform, KnowBe4, has conducted research that revealed that fact.
The results show the Q1 2021 top-clicked phishing report.
Becoming more vigilant, states security report
It’s not just hackers that are becoming more intelligent with their scam strategies, users are also becoming more vigilant and tech-savvy to phishing attacks such as email phishing and more.
COVID-19 related phishing emails reported to IT departments that were about password checks still continue to rise. Also, social media messages are becoming popular too.
Above all, at 42%, the LinkedIn phishing messages top the list for the social media subject to watch out for.
With COVID-19 being around for over a year now and employees becoming more aware of the types of scams that have come out related to the pandemic, cyber criminals are having less success with related phishing attacks. While users are becoming more savvy regarding COVID-19 phishing attacks, there is a steady increase of those falling for security-related email scams. The bad guys go with what works and in Q1, nearly a third of the users who fell for a phishing email clicked on one related to a password check. Always check with your IT department through a known good phone number, email address or internal system before clicking on an email related to checking or changing a password because it only takes one wrong click to cause monumental damage.Stu Sjouwerman, CEO, KnowBe4
KnowBe4 has examined thousands of email subjects in the first quarter of this year. The company also reviewed ‘in-the-wild’ email subject lines –– this reveals actual emails the users received and reported as suspicious to their respective IT departments.
And according to the company, these are the email subjects to watch out for:
- Password Check Required Immediately
- Revised Vacation & Sick Time Policy
- COVID-19 Remote Work Policy Update
- COVID-19 Vaccine Interest Survey
- Important: Dress Code Changes
- Scheduled Server Maintenance — No Internet Access
- De-activation of [[email]] in Process
- Test of the [[company name]] Emergency Notification System
- Scanned image from MX2310U[[domain]]
- Recent Activity Report.
A scam that users should be aware of…
In other news, the Chartered Trading Standards Institute, or CTSI, has received a video recording of an automated telephone message stating that the National Insurance number of the recipient “will be terminated due to some unethical financial transactions.” This particular scam is one that has been widely distributed to the public during the COVID-19 pandemic lockdown. The message states:
This call is in regards to your National Insurance number. Ignoring this final warning may lead you to legal troubles. The reason behind this phone call is to inform you that your National Insurance number will be terminated due to some unethical financial transactions.Automated message from the National Insurance telephone scam
The recording would go on to say “please press ‘1’ to get more details.”
Before you press the button, be aware that this call is a data harvesting attempt, which could then lead to identity theft. Once the recipient pushes the button, he/she will get in touch with the scammer who will verify the National Insurance number.
Little might the recipient know that he/she has unknowingly revealed his/her personal data making them vulnerable to all kinds of attacks.
This scam is despicable in its attempt to scare the public with the threat of losing their National Insurance number at this challenging time for everyone. It’s astounding that these unscrupulous scammers refer to unethical transactions as the reason. If you receive this call, do not ever press ‘1’ and please warn others about it. Also, report it to the authorities, such as Action Fraud, or in Scotland, Police Scotland. Reporting all instances of fraud helps consumer protectors establish a clearer picture of the landscape and the true scale of this problem.Katherine Hart, Lead Officer at CTSI
Be vigilant, stay vigilant
Even though the public is more aware of many kinds of cyberattacks, experts still warn them to keep on their toes. This time is a very challenging one for everyone, and for some, they do whatever it takes just to live –– even if it means creating these kinds of schemes.