Criminals boost their schemes with COVID-19 themed phishing templates

2020-05-15 11:49

Phishers are incessantly pumping out COVID-19 themed phishing campaigns and refining the malicious pages the targets are directed to.

"Credential phishing attackers often tailor their email lures with themes they believe will be the most effective and use general websites for actual credential harvesting. The recent move to create custom COVID-19 payment phishing templates indicates that buyers view them as effective enough to warrant custom tactics to harvest credentials," Proofpoint researchers have noted.

The crooks have put in a lot of effort into creating convincing phishing page templates to impersonate these organizations and make it easier to quickly set up new pages once current ones get blacklisted.

Most of the templates aren't exact copies of the impersonated websites, but they do copy their look and feel - and that's often enough to fool many targets.

For example: the multi-layered template that spoofs the legitimate Canadian government website starts with a page that asks users to chose whether they want to continue using the site in English or French, and then offers the credential phishing pages in the chosen language.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/kweG86zYwB8/

#covid19 #criminal #phishing