Security News > 2022 > October > Credential phishing attacks continue to exploit COVID-19 to target businesses
Credential phishing attacks continue to exploit COVID-19 to target businesses.
Since early 2020, the coronavirus pandemic has given cyber criminals another area that's ripe for exploitation as they try to trick individuals and businesses into divulging sensitive information.
In a report published Wednesday, Oct. 11, email security provider Inky discusses a recent phishing campaign that takes advantage of COVID-19 in an attempt to steal financial account details from business users.
Promising grant money to all businesses and organizations, with no need to pay it back, the phishing email includes an "Apply Now" button that takes users to a survey form that must be filled out to determine if they're eligible for the grant.
Using Google Forms to create and host the survey is a clever method as this is a free tool trusted by businesses and one that's likely to avoid security detection.
Also See Share: Credential phishing attacks continue to exploit COVID-19 to target businesses.
News URL
https://www.techrepublic.com/article/credential-phishing-targets-businesses/
Related news
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)