Security News > 2020 > May > Majority of COVID phishing attacks coming from US IP addresses, report finds
COVID-19 phishing emails have been bombarding inboxes since the virus began to spread in December and January.
Cybersecurity company INKY pored through the months of coronavirus-themed phishing emails and compiled a report on where most of them were coming from, finding that the majority of IP addresses found in email headers originated from the United States.
Dave Baggett, CEO of INKY, acknowledged that these IP addresses might be easily spoofed by more skilled attackers but explained that there were a number of reasons most attackers would be in the US. "The majority of our users are American. Phishers prefer to target victims within their own geography because it's easier to research and impersonate since it's the same culture and language," he said in an email interview, adding that non-American attackers may also want to spoof a US origin to evade geographical filters.
The report does an in-depth examination of 34 phishing email templates that the company has seen over the past few months in its work protecting clients.
The report includes snapshots of dozens of emails that look real with accents to make them look legitimate.
News URL
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- China names alleged US snoops over Asian Winter Games attacks (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- Ukrainian extradited to US for Nefilim ransomware attacks (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)