Understanding Email Security Threats and BEC Trends During the Pandemic

The COVID-19 pandemic has paved the way for a flood of cybersecurity threats, including email-based phishing threats. Cybercrooks are adopting various techniques to bypass the email security to pilfer credentials, send malicious attachments and links, conduct business email compromise, and deliver fake landing pages. Furthermore, they are using spoofed emails as a significant source for the delivery of a variety of malware and scams, among others, in the past five months. 

How much is too much?

  • A report from Barracuda Networks revealed that, by the end of February alone, there was a 667% spike in email-based attacks themed around the disease.
  • Google revealed that Gmail faced 18 million daily malware and phishing emails related to COVID-19 in the past few weeks.

Impersonation fraud is on the rise

  • According to Mimecast’s ‘The State of Email Security 2020’, impersonation fraud increased by 30% in the first 100 days of COVID-19. 
  • WHO and IRS are two of the well-known organizations to be impersonated for such attacks.
  • Since the start of the pandemic, WHO witnessed an increase in email-based attacks targeting the public at large. Most of these attacks are designed to channel donations to a fictitious fund and not the authentic COVID-19 Solidary Response Fund.
  • Scammers also impersonated the officials of the IRS and sent out emails on behalf of them to gather personal information from individuals.

Creative attack themes make it more difficult 

  • Attack themes created around the pandemic news cycle are used to trick unsuspecting individuals into parting away with their funds or sharing details or installing malware.
  • Some of the COVID-19 themes used as lures by the bad actors include testing and vaccines, financial relief benefits, and stimulus payments.

Adopting BEC trends for more payment frauds

  • Researchers from Abnormal Security found that BEC attacks became more sophisticated than ever in the first quarter of 2020.
  • Unlike the usual BEC scam that relies on spoofing C-suite executives, the research revealed that attackers are now impersonating employees working in finance and external vendors for their campaigns.
  • BEC attacks using financial employees’ to trick victims witnessed an 87% rise in the first quarter of 2020.
  • The quarter also saw a new trend wherein cybercriminals shifted the scope of their targets from individuals to groups.

What to learn from this?

Users should understand that cybercrooks are capitalizing on fear and uncertainty around COVID-19 to scam recipients out of their personal data. Moreover, threat actors are leveraging trusted entities and using spoofed accounts to distribute malware. Therefore, recipients must be extra careful with familiar sender names that originate from Gmail or other well-known general domains.