Cybercriminals have been taking advantage of the ongoing coronavirus pandemic, using COVID-19 and renowned brands as lures in phishing emails, in an attempt to steal victim’s credentials. Recently, some professionals hacking agencies were also seen using coronavirus-themed attacks to lure unsuspecting victims.
What happened now
In March 2020, World Health Organization (WHO) had published an alert, providing warning against impersonation attempts using its brand name. But still, several hackers continue to use its brand name to lure their victims.
In May 2020, several India-based “Hack-for-hire” organizations were spotted creating Gmail accounts that spoof the WHO to send coronavirus-themed phishing emails.
These fake legitimate-looking login pages attempted to convince the victims to hand over their Google account credentials and Personally Identifiable Information (PII).
In this wave of attacks, the attackers mostly targeted business leaders in financial services, consulting, and healthcare organizations, across several countries, including the US, Bahrain, Canada, Cyprus, India, Slovenia, and the U.K.
Similar attempts have been observed frequently in the past few months.
In May 2020, hackers had created COVID-19-themed credential phishing website templates to impersonate as numerous governments and trusted NGOs such as the WHO and others to lure them into financial assistance.
In April 2020, the Charming Kitten advanced persistent threat (APT) group was observed targeting medical and healthcare professionals by mimicked as the WHO’s internal email system to steal passwords from multiple agency staffers.
Other Brands Impersonated as well
Besides WHO, hackers have been targeting several renowned numerous governments, non-governmental organizations, and popular brand names to ..
Support the originator by clicking the read the rest link below.
