The Latest COVID-19 Phishing Attacks to be Aware of (Plus 21+ COVID-19 Cybersecurity Statistics)
Last Updated on April 11, 2024 by James Wilson
The COVID-19 pandemic has claimed hundreds of thousands of lives worldwide, caused mass unemployment, and changed the way many people live their lives. Even the most economically well-off and stable places are concerned whether they will be able to find new jobs or keep hold of the ones they already have.
Will businesses recover? Will we be able to adapt to this new way of life? Coronavirus is still very much upon us, with regional lockdowns still in place, restricting people’s movements. Naturally, COVID-19 has forced many of us to spend more time at home on the internet, purchasing goods, searching for jobs, and reading the latest news about the pandemic.
The upward trend of internet usage in 2020 has unfortunately attracted online scammers who are exploiting the vulnerable; people’s fears and concerns are being leveraged to steal personal data, credit card information, and passwords.
At UK Web Host Review, we’ve put together all the latest 2020 statistics on cybersecurity and phishing scams including many COVID scams that are happening right now!
What Are Phishing Scams?
Phishing scams occur when scammers attempt to trick people into providing personal information like bank account details, passwords, etc. Scammers will usually contact individuals via telephone, text, or email and pretend to be a legitimate company. This is why it’s highly recommended to use a VPN.
For example, if a scammer is pretending to be your bank, they may ask for personal details to confirm customer records are up to date. Phishing scams are designed to look genuine which is how they are so effective.
Phishing scammers put a lot of time and effort into making things look real; they’ll use familiar logos, website addresses, and email addresses in an attempt to trick you into clicking a link or downloading a malicious file.
Malicious Domains
A recent report found that over 86,600 domains of the 1.2 million newly registered domain names, which contained keywords relating to COVID-19 between 9th March 2020 and 26th April 2020 are classified as malicious. The U.S., Germany, Russia, and Italy are said to have the highest number of malicious COVID-19 related domains registered.
ProPrivacy, a U.K. based privacy group has announced that around 700 to 1,200 malicious domains are being registered every day. Lead researcher, Sean McGrath, said: “The reality is that malicious actors have not given up, but are now focusing their efforts in more targeted ways. Phishing campaigns are focusing on users’ “intimate concerns” such as when children will go back to school or potential job losses, increasing their “potency and efficacy”.
That really hits the nail on the head because scammers are focussing on the concerns people have as they evolve. When the Coronavirus pandemic really kicked off, people were worried about whether masks and PPE were available, how many testing kits there would be, and other information about the pandemic. Scammers were jumping all over the trends at the time and have continued to move forward as trends change.
GoDaddy is one of the largest web hosting providers in the world, and unfortunately, this is the place that the majority of malicious activity has been located, with many of the malicious COVID-19 websites being hosted with GoDaddy.
GoDaddy has confirmed they have already removed fraudulent sites and will continue to do so. They’ve said they will investigate any and all reports of abuse.
HMRC Phishing Scam
Existing COVID-related HMRC phishing scams are continuing to be exploited, with recent discoveries uncovered by Griffin Law. Scammers are now targeting the self-employed with attempts made to obtain passport details, personal details, and bank details.
Scammers begin by texting individuals pretending to be HMRC, informing them that they are due a tax refund, directing them to a website using HMRC branding entitled “Coronavirus (COVID-19) guidance and support.”
Once the individual reaches the malicious site they are asked for sensitive information including their passport number to ‘verify’ their identity. Over 100 self-employed workers have reported such scams, with multiple types of phishing attacks targeting businesses and individuals.
COVID-19 Phishing Emails
COVID-19 phishing emails take multiple forms, all of which are designed to come across as genuine and professional. Here are just some of the Coronavirus phishing emails we’ve come across:
CDC
Phishing emails are being sent to look like they come from the U.S. Centers for Disease Control (CDC). The email claims to offer an updated list of Coronavirus cases in your area, advising people to look at the cases for safety hazards.
The email below has been taken from the U.S. Health and Human Services website:
Scammers encourage individuals to click on links that look genuine by masking them with a URL that looks plausible. If you hover over the link you’ll notice the URL is in fact very different:
Workplace Policy Emails
Workplace email accounts have been targeted by cybercriminals, providing details of updated company policy in relation to disease management. The policy is, of course, fake, however, comes across as genuine by providing the company name, including a link to the (fake) company policy, and is often signed by Human Resources.
Health Advice Emails
More and more fake health advice emails are being sent from scammers offering safety measures regarding the spread of Coronavirus. These emails state that “little measures can save you”, preying on people’s fears and vulnerabilities.
5 Ways You Can Recognise & Avoid Phishing Emails
Whilst phishing emails are dangerous and malicious, there are steps you can take to recognise these kinds of emails without falling prey to scammers. Here are 5 ways in which you can detect and avoid phishing emails:
- Question requests for personal information: No genuine company or legitimate government organisation will ever request your personal information, data, or details via email. If an email requests this kind of information, do not respond with your personal data.
- Check links and email address: As mentioned briefly earlier, you can usually detect a malicious email from the links contained within. You can inspect the email address an email originated from and hover your mouse over URLs to reveal what they are. In a lot of cases, email addresses and URLs can be easily detected, however, this isn’t always the case and they can be less obvious. Delete any email you don’t trust and contact the legitimate organisation if you have any concerns.
- Spelling mistakes: Most phishing emails contain incorrect grammar and spelling mistakes. Whilst we’re all guilty of human error, these emails are usually riddled with errors that are easy to spot.
- Generic greetings: Emails that start with “Dear Sir or Madam” or “Hello friend” are likely to be phishing emails. If a genuine company or organisation needs to contact you, they will have your details and will be able to address you correctly.
- Urgent and act now: Phishing emails are designed to present a sense of urgency, asking you to “act now”. The idea is that if you feel under pressure or a time-sensitive issue arises, you are more likely to click a link without questioning it. If an email asks you to click on a link with a sense of urgency, delete it.
Whilst the media is rife with Coronavirus news and reporting if you have any concerns about the reliability of sources providing information, it’s always best to seek resources from government offices and genuine health care organisations.
COVID-19 Cybersecurity & Phishing Statistics 2020
Following the declaration of COVID-19 being a worldwide pandemic, by the World Health Organization (WHO), life as we know it changed dramatically. Towns and cities quickly emptied, rivers and seas stilled, hospitals became busier than ever, and businesses around the globe closed their doors.
Unfortunately, it is very common for cybercriminals to take advantage of a global crisis. Cybercrime leverages vulnerabilities, so as you can imagine, COVID-19 hasn’t been any different. Here’s a look at some key Coronavirus-related cybersecurity statistics in 2020:
- 47% of employees said the main reason they fell for a phishing scam whilst working from home was that they were distracted (Tessian)
- 83% of technology firms reported new customer inquiries in April 2020, 36% of these being in the cybersecurity sector (CompTIA)
- Web application breaches have doubled since 2019 (Verizon)
- 81% of cybersecurity professionals reported their job function has changed during the pandemic (ISC2)
- Data breaches in the healthcare industry have risen by 58% in 2020 (Verizon)
- 76% of remote workers said that working from home would increase the time it takes to identify and contain a breach (IBM)
- In March 2020, the search term “how to remove a virus” increased by 42% (Google Trends)
- The average cost of a data breach has increased to around £108,500 due to remote work (IBM)
- Mobile VPN usage saw an increase of 8.3% between January to March 2020 (WatchGuard)
- Between March and May 2020, visits to popular hacker websites increased by 66% (Cybernews)
- In April 2020, 450 current WHO email addresses and many COVID-19 response team’s email addresses were leaked (WHO)
- Over 470 fake online stores selling fraudulent COVID-19 items were taken down in the U.K. (ZDNet)
- Over 500,000 Zoom user accounts were sold on a dark web forum (CPO Magazine)
- Google blocked 18 million daily malware and phishing emails related to Coronavirus in April 2020 (Google)
- Over the month of March, scams increased by 400% which means COVID-19 is the largest ever security threat (ReedSmith)
- Each day, over 1700 high-risk Coronavirus-related domains are created (Palo Alto Networks)
- 54% of Britons who had a loss of income due to Coronavirus were also victims of a cyber scam (Computing)
- Cybercrime costs are estimated to reach £4.75 trillion annually by 2021 (Cybersecurity Ventures)
- As of July 8th 2020, victims of COVID-19 related scams in the U.K. have lost over £8.7 million (Action Fraud)
- Between January to July 2020, there were over 216,000 network attacks in the Asia-Pacific region (WatchGuard)
- Cyberattacks against the republic of Korea were higher than the worldwide average in early March when COVID-19 first arrived to the country (Microsoft)
- Zoom account credentials are sold on the dark web for as little as £0.0016 (CPO Magazine)
Can We Combat COVID-19 Phishing Emails?
Whilst we can’t physically stop the influx of COVID-19 phishing emails, we can be aware of them and question the validity of emails that are sent to us. ProPrivacy have suggested individuals should stop believing incoming emails and emails requesting immediate action should be treated with caution.
The National Cyber Security Centre (NCSC) has provided an email address where U.K. internet users can report suspicious emails at report@phishing.gov.uk
Between April and May 2020, over 160,000 suspicious emails were reported to the NCSC using their Suspicious Email Reporting Service. Many of these emails were offering fake testing its, face masks, etc. The British public has helped over 300 bogus websites to be removed.
References
- https://www.comptia.org/newsroom/press-releases/2020/05/20/technology-companies-weathering-the-pandemic-storm
- https://enterprise.verizon.com/resources/reports/2020-data-breach-investigations-report.pdf
- https://www.isc2.org/News-and-Events/Press-Room/Posts/2020/04/28/ISC2-Survey-Finds-Cybersecurity-Professionals-Being-Repurposed-During-COVID-19-Pandemic
- https://www.ibm.com/security/digital-assets/cost-data-breach-report/#/
- https://trends.google.com/trends/explore?q=how%20to%20remove%20a%20virus&geo=US
- https://www.ibm.com/security/data-breach
- https://www.watchguard.com/wgrd-resource-center/security-report-q1-2020
- https://cybernews.com/security/data-suggests-unprecedented-interest-in-cybercrime-during-pandemic/
- https://www.who.int/news-room/detail/23-04-2020-who-reports-fivefold-increase-in-cyber-attacks-urges-vigilance
- https://www.zdnet.com/article/2000-coronavirus-scammers-taken-offline-in-major-phishing-crackdown/
- https://www.cpomagazine.com/cyber-security/half-a-million-zoom-accounts-compromised-by-credential-stuffing-sold-on-dark-web/
- https://cloud.google.com/blog/products/identity-security/protecting-against-cyber-threats-during-covid-19-and-beyond
- https://www.reedsmith.com/en/perspectives/2020/03/coronavirus-is-now-possibly-the-largest-ever-security-threat
- https://unit42.paloaltonetworks.com/covid-19-cloud-threat-landscape/
- https://www.computing.co.uk/news/4016501/britons-targeted-scammers-start-coronavirus-crisis-citizens-advice-reveals
- https://www.prnewswire.com/news-releases/cybercrime-damage-costs-may-double-due-to-coronavirus-covid-19-outbreak-301027007.html
- https://www.actionfraud.police.uk/covid19
- https://www.secplicity.org/threat-landscape/?s=2020-01-01&e=2020-07-31&type=all®ion=apac
- https://www.microsoft.com/security/blog/2020/06/16/exploiting-a-crisis-how-cybercriminals-behaved-during-the-outbreak/
Download this infographic.