Security News > 2020 > April > Top Email Protections Fail in Latest COVID-19 Phishing Campaign
The Cofense Phishing Defense Center discovered new phishing attacks that use socially engineered emails promising access to important information about cases of COVID-19 in the receiver's local area, according to a blog post published Tuesday by Cofense researcher Kian Mahdavi.
"While these secure email gateways are designed to safeguard end users from clicking on malicious links and attachments, both failed in a new phishing attack we recently observed," Mahdavi wrote in the post.
Once the phishing emails get past the Proofpoint and Microsoft Office 365 ATPs, the actor spoofs the sender email address and uses keywords in the subject to trick the targeted victim into believing the emails come from a trusted source of information regarding COVID-19.
The subject of the email - "HIGH-RISK: New confirmed cases in your city" - also is designed to trick users into thinking the message will offer vital information legitimately related to the novel coronavirus, he said.
In addition to using promised information from the WHO to lure users in phishing emails, attackers also have been targeting the organization itself, with cyber-attacks on WHO doubling since the COVID-19 outbreak, officials said.
News URL
https://threatpost.com/top-email-protections-fail-covid-19-phishing/154329/
Related news
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)