Pandemic’s phishing season has begun!

Out and about; the ‘phishermen’ are looking to catch some bait

‘Social distancing’ has quickly become the new standard. It was introduced to slow down, or in a best-case scenario even stop, the spread of Covid-19. For some companies this means a new way of working; allowing employees to work from home.

As staff moves away from a secure office network to an arguably much less secure environment like their homes, not all companies were eager to allow their employees to start working from home as this brings extra security risks, like cybersecurity. But Corona is cruel and gave them no choice. Unfortunately, these less secure extended corporate networks present cybercriminals with an almost impossible-to-resist opportunity to become Corona’s sidekick.

Phishing, and other advanced email attacks targeting businesses, increasingly use impersonation as if they were legitimate employees. And you’d be surprised how the information gleaned from out-of-office emails during sick days or vacations can be used to pull off scams.

Phishing for COVID-19

COVID-19 has become such an important topic in life, criminals have been using these words to make sure to draw your attention. The goal to scare recipients with an email having COVID or CORONA in the subject line, has quickly proven to be efficient and made their phishing sprees easier. All they had to do now was pray for a victim good enough to bite their line and to provide them with some nice login credentials or even grant access to the installation of malware.

The evolution of attacks

There has been a significant evolution in types of attacks on email accounts. Basic Antivirus & Antispam have already become ancient history. Cybercriminals are constantly trying to find new methods and new ways to breach your security that companies should even look further than protecting themselves against these so called ‘Advanced Targeted Attacks’. This can be done by extending their defense beyond the perimeter, for example by protecting their brand and using domain analysis.

Protect your brand

Criminals often use brand impersonation to compromise a company’s customers and partners. A brand’s name that has been harmed, might cost money, credentials, personal information and most of all will probably lose its credibility, which is extremely difficult to recover from. Unfortunately, these impersonations are too easy for hackers to create and are, on top of that, very hard to uncover. 

Therefore, email security companies are providing that extra layer of protection to block these brand attacks even before they have been launched. How? By using machine learning and quadrillions of targeted scans to identify even unknown attack patterns at an early stage by blocking compromised assets before they become live attacks. Once an active attack is discovered, quick remediation is absolute key to minimize damage.

Protect yourself, both from COVID-19 and hackers. Better safe than sorry!


Want to know more?