Phishing is booming – despite, or perhaps because of Corona. Shortly after the outbreak of the crisis, the first phishing attacks became known that used motifs around Covid-19. According to the German Federal Criminal Police Office, a veritable flood of phishing attacks hit private individuals and companies starting in March 2020. As early as April 2020, the Internet service Google reported that it was blocking around 18 million Corona-related phishing emails – every day. Whether it's supposed requests for tests, offers of masks or other protective gear, or even purported registrations for vaccination or applications for emergency aid: While the pandemic is pushing many companies to the brink of existence, the mood among cyber criminals is one of gold-digging instead of crisis. The perpetrators are constantly trying new tricks to lure their victims into a trap with fraudulent e-mails, deceptively genuine websites or harmful links. The attackers have also long since discovered alternative channels for themselves and have since made diligent use of social media or short message services.
Beware of unknown messages with reference to Covid-19
For many cybercriminals, Covid-19 has turned out to be a real goldmine. The aim is always to obtain personal or confidential data. The following therefore applies: Caution is always advised with messages relating to Covid-19 whose sender cannot be clearly identified. This also applies if the sender claims to be contacting you on behalf of highly official bodies such as the health or employment authorities. It is not uncommon for phishing e-mails to appear deceptively genuine. The attackers often try to construct a threatening scenario in order to increase the pressure on the potential victim to act. But how can companies effectively protect themselves and their employees from such phishing attacks?
Old scam – new story
Basically, the modus operandi of phishing attacks has not changed – what is new, however, are the constructed stories with which the victims' trust is to be gained. After more and more users had to soften up to the digital world during the crisis, cyber criminals find more opportunities than ever before. The continued uncertainty of many employees in dealing with the pandemic is a significant contributor to the success of phishing campaigns. That's why comprehensive education is paramount to successfully fending off phishing attacks. In addition to open corporate communications and regular awareness campaigns, professional training on how to deal with phishing plays a fundamental role. In times of home office, interactive e-learning courses have proven their worth. They can be used flexibly in terms of location and time, with optimum control of success and costs.
Raise your workforce's awareness of phishing with our e-learning course "Phishing - Safe from Digital Data Theft".