The number of phishing attacks on a newly-isolated and remotely working global population has skyrocketed by more than 600% according to the latest data.
The analysis comes courtesy of Barracuda, who purports that since the end of February, the rate of phishing scams has jumped 667% as hackers look to exploit the uncertainty, panic and fear surrounding the pandemic.
The firm recorded 137 ‘incidents’ in January, which rose to 1188 for the month of February, and has topped 9116 attacks so far this month alone.
According to reports, “the attacks used widespread awareness of the subject to trick users into handing over their log-ins and financial information, and/or unwittingly downloading malware to their computers.”
Of the recorded attacks, 54% were classified scams, 34% were brand impersonation attempts, 11% subsisted of blackmail attacks and 1% as a business email compromise (BEC) attack.
This builds upon data published less than a week ago on Forbes which revealed a 350% increase in the number of phishing websites. That report cited data from Atlas VPN, and stated that opportunistic cybercriminals were exploiting the recent jump in unemployment numbers and remote workers to gain access to their data with targeted phishing scams.
The COO of Atlas VPN, Rachel Welch told Forbes that “I believe that hackers identified coronavirus as something users are desperate to find information on… Panic leads to irrational thinking and people forget the basics of cybersecurity. Users then download malicious files to try and purchase in-demand items from unsafe websites, un result becoming victims of scams,” she said.
Phil Muncaster of Infosecurity Magazine writes that “as well as the usual lures to click through for more information on the pandemic, some scammers are claiming to sell cures and/or face-masks, while others try to elicit investment in companies producing vaccines, or donations to fight the virus and provide support to victims.”
Dean Russel, who is a sitting member of the Health and Social Care Select Committee said that “this is a new low for cyber-criminals, who are acting like piranha fish, cowardly attacking people en-masse when they are at their most vulnerable… It’s vital that the public remain vigilant against scam emails during this challenging time,” he added.
Data published by KnowBe4 claims that in organisations, a number as high as 38% of untrained end-users present a chance of infecting themselves, and the networks of their employer by opening a malicious file or clicking a link; this number is up 8% from 2019 numbers, suggesting that an influx of phishing attempts is landing cybercriminals with more fish on the hook.
KnowBe4 has also claimed, however, that this number dropped by 60% after a training session on the topic of phishing and online scammers. One of the most effective ways to mitigate the risk of this in your organisation is an information security management system like ISO 27001, so click here to find out more about the standard and how it could transform your organisation’s online safety.