Quote:Phishing attacks looking to take advantage of interest and fear around the COVID-19 health crisis are becoming a pandemic themselves – and apparently cybercriminals are looking to conserve resources by leaning on their older stockpiles of weapons to keep the infection wave going.
Or Katz, a researcher at Akamai, said in a posting on Thursday that older phishing kits that were previously deployed and then retired are being pressed back into service in order to target those working from home. In fact, Akamai researchers have seen recycled phishing kits from as far back as July being used in coronavirus-based phishing attacks now.
Millions of Americans are telecommuting due to self-isolation, mandated quarantine or corporate policies as coronavirus infections continue to spike. Akamai’s team, like many others in the security community, has recently observed phishing attacks that start with SMS messages or emails that direct victims to domains “seemingly related to COVID-19 news, governmental updates, or health-related products and services.”
In the latest attacks, which have been seen globally, victims that click the link are directed to one domain and then immediately redirected to yet another. The second domain spoofs big brands like Microsoft, Orange France and eBay, or health resources such as the World Health Organization or local medical experts.
“By pretending to be an insurance company, bank, medical expert or other trusted brand, criminals are convincing victims to trust them,” Katz wrote. “Once trust is established, the criminal is betting on the victim doing as asked, by opening malicious attachments, following malicious links, and releasing sensitive personal information, in order to enable access to critical applications and services.”
Read more: https://threatpost.com/covid-19-scam-scr...le/154383/
![[-]](https://www.geeks.fyi/images/collapse.png)
