PHISHING WITH GOVERNMENT BAIT HOOKS UNWARY EMPLOYEES

by Amelia Paro

These Clever Government Phishing Scams Can Quickly Ensnare Employees


Cybercriminals are constantly evolving their phishing techniques, but that doesn’t mean that they don’t like to turn to their old favorites sometimes and a classic scam is enjoying a new life right now: fake messages from supposed government entities. From unemployment-related sham emails to bogus health department surveys, cybercriminals are taking advantage of high email volumes, employee confusion and economic uncertainty to unleash a blizzard of phishing scams that mimic communications from government entities.

Phishing exploded during the pandemic and it hasn’t slowed down. More than 70% of organizations around the world experienced a phishing attack in 2020. That’s an overall increase of 42% over 2019. Some categories like ransomware experienced triple-digit growth. The advent of the pandemic marked an unprecedented increase in phishing risk in Q2 2020, with phishing threats exploding by an estimated 660% according to Google, which also reported uncovering 18 million daily malware and phishing emails in 2020. 

That epic flood of emails was launched with a wave of messages that claimed to contain important information about the virus and lockdowns, many carrying ransomware. One infamous scam involved spoofing emails from the World Health Organization. Cybercriminals were using pandemic stress and uncertainty to persuade the targets to download a map of COVID-19 transmission in their area. A similar scam used the popularity of John’s Hopkins University’s live Coronavirus COVID-19 Global Cases map to lure in victims with purported updates – but those updates were actually ransomware. The chaotic rollout of federal COVID-19 relief checks in the US also created a rich hunting ground for bad actors.

Comments are closed.