Evolution Of Phishing Attacks In The Pandemic Era

Learn how to mitigate phishing attacks during pandemic.

The Covid crisis has provided the perfect cover for malicious actors to continue with their nefarious activities. Phishing attempts have become more sophisticated today as threat actors have started employing more complicated and advanced methods to target victims. The advancements include Machine Learning techniques to lure victims into disclosing their PII (Personally Identifiable Information) or crucial financial details.

Phishing Attack Types During Covid-19

The general graphs of cyberthreats or phishing attacks today have an exclusive component for Covid-19-related attacks. The below statistics show the number of incidents triggered by the Covid-19 pandemic.

prevent phishing

Image Source: Microsoft

Below is an examination of some of the ways malicious actors have been adopting to accomplish their phishing objectives.

Fake Donation Drives

Numerous donation websites have come up in the recent past. These sites ask for a donation to help the downtrodden or the recently unemployed. They may also advertise for money to help the ones struck by the pandemic. Malicious actors divert the funds received to their accounts. It is also quite challenging to track such transactions. By the time the victim realizes what happened, the threat actor will have deleted all possible communication channels and vanished into thin air!

The Non-existent Vaccine

Even while the vaccine was still some time away, the malicious actors started false campaigns stating the shortfall in availability. Large sums of money can be collected, playing on the fears and anxiety of people. Phishing criminals may also resort to asking for personal details while impersonating themselves as Government employees or health workers. They use this information for identity thefts and other such activities.

The Fake Website

It is the most common method of phishing. Malicious actors create websites resembling the original ones, including government departments to pharmaceutical organizations providing various services related to Covid-19. They then send emails to people seeking to engage them. The idea behind creating these websites is to give the entire charade a facade of authenticity. The modus operandi of most of these websites include asking the user for their personal information, which the unsuspecting ones give away, thinking it is going to the right hands.

Bogus Refunds

With the travel and tourism industry coming to a halt this year, it is evident that most people having travel plans must have had to let go of their dreams. It turns into an even more significant issue when the money spent on bookings and tickets is lost forever. Threat actors see this as an opportunity to siphon off information from the victims by offering bogus refunds. They go to the extent of asking for their credit card or banking details, stating that the refund would be directly credited to the account. The collected information could be later put up on the dark web for sale.


what is phishing


The Videoconferencing Hack

Social distancing caused by the pandemic’s fear has led to organizations directing their employees to work remotely. It has given rise to the extensive usage of technology, such as video conferencing applications for teams to stay in touch. Malicious actors send out fake notifications using false domains of such video-conferencing applications or sites to deliver fabricated emails to phish the users.

The Job Termination Conundrum

Cut off from the organization’s other departments and working mostly in isolation, employees may face confusion and take some time to adjust to the work-from-home scenario. The malicious actors create fake emails impersonating the organization’s officials to take advantage of the situation. These emails may talk about job termination, which would naturally shock an uninformed employee. Without thinking twice, the employee may end up providing his/her official credentials, leaving the gateway of the organization’s network open for malicious actors to exploit.

Fake Covid-19 Statistics Emails

Malicious actors often send emails with headers indicating various Covid-19 statistics. Those curious to get the latest trends and numbers click on the attachment, which downloads malware into their system. Such fake emails impersonate prestigious organizations, including the WHO.

IMF Covid Compensation Email

An email with the title ‘Re: IMF Compensation’ is one method used by phishing attackers to exploit innocent users. The email talks about compensation from the International Monetary Fund (IMF) to select people. It contains the words of the IMF Director to make it appear credible and a fake IMF form to fill in with the email recipient’s critical personal data.

‘Covid Test Result’ Phishing

Another phishing email that emerged during the pandemic was the fake Covid-19 test result message. Those who have undergone tests and awaiting the outcome could think it is an email containing their results. Those who open the email could trigger a malware installation into the system.

SharePoint Impersonation

An email impersonating SharePoint started making rounds following the outbreak of the pandemic. It claimed to provide Covid-19-related information. The link included takes the user to a malicious website on AWS. The footnote mentioning that the URL would only work for the recipient creates a false sense of security.


Final Words

COVID-19 undoubtedly has wreaked havoc worldwide. To make the matter worse, numerous threat actors have emerged with newer and sophisticated methods, especially phishing emails in various forms, designed specifically to suit the pandemic times to take advantage of frustrated victims. The easiest and yet the most effective way to keep these malicious actors at bay is to stay abreast of their latest modus operandi and remain vigilant with all digital activities.

Enterprise-class email protection without the enterprise price

For flexible per-user pricing, PhishProtection’s integrated email security solution protects your employees from business email compromise (BEC) and many other email threats. 24×7. On any device. With features you’d expect in more expensive solutions:

All Plans Come With

  • Stops business email compromise (BEC)
  • Stops brand forgery emails
  • Stop threatening emails before they reach the inbox
  • Continuous link checking
  • Real-time website scanning
  • Real time alerts to users and administrators
  • Protection with settings you control
  • Protection against zero day vulnerabilities
  • Complete situational awareness from web-based console

Join 7500+ Organizations that use Phish Protection

Phish Protection works with System Administrators, IT Professionals and IT Executives in thousands of companies worldwide. Sign up and protect your organization from phishing attacks in less than 5 minutes