--- title: "Evolution Of Phishing Attacks In The Pandemic Era | Phish Protection" description: "Evolution Of Phishing Attacks In The Pandemic Era: The Covid crisis has provided the perfect cover for malicious actors to continue with their nefarious." image: "https://phishprotection.com/images/og-default.png" canonical: "https://phishprotection.com/evolution-of-phishing-attacks-in-pandemic-era/" --- # Evolution Of Phishing Attacks In The Pandemic Era ## Evolution Of Phishing Attacks In The Pandemic Era ### Learn how to mitigate phishing attacks during pandemic. [Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) ``` ###### [SECURITY RESOURCES](/resources/) ``` ### [PLANS AND PRICING](/pricing/) ### [PHISHING PROTECTION](/) _The Covid crisis has provided the perfect cover for malicious actors to continue with their nefarious activities_. [Phishing attempts](/blog/beware-of-omicron-phishing-scams/) have become more sophisticated today as threat actors have started employing more complicated and advanced methods to target victims. The advancements include [Machine Learning techniques](/blog/machine-learning-helps-fighting-phishing-attacks/) to lure victims into disclosing their PII (Personally Identifiable Information) or crucial financial details. ### Phishing Attack Types During Covid-19 The general graphs of cyberthreats or **phishing attacks** today have an exclusive component for Covid-19-related attacks. The below statistics show the number of incidents triggered by the [Covid-19 pandemic](/blog/increased-phishing-attacks-during-pandemic-how-to-stay-safe-and-relevant-post-covid-era/). ![Microsoft Phishing Attack Graph Covid 19](https://media.mailhop.org/phishprotection/images/2022/02/microsoft-phishing-attack-graph-covid-19.png) Image Source: [Microsoft](https://www.microsoft.com/security/blog/2020/06/16/exploiting-a-crisis-how-cybercriminals-behaved-during-the-outbreak/) Below is an examination of some of the ways malicious actors have been adopting to accomplish their phishing objectives. ![Anti Phishing Services 1](https://media.mailhop.org/phishprotection/images/2019/01/anti-phishing-services-1.png) #### Fake Donation Drives Numerous donation websites have come up in the recent past. These sites ask for a [donation to help](https://www.kaspersky.co.in/resource-center/threats/coronavirus-charity-scams-how-to-protect-yourself) the downtrodden or the recently unemployed. They may also advertise for money to help the ones struck by the pandemic. _Malicious actors divert the funds received to their accounts_. It is also quite challenging to track such transactions. By the time the victim realizes what happened, the threat actor will have deleted all possible communication channels and vanished into thin air! #### The Non-existent Vaccine Even while the vaccine was still some time away, the malicious actors started [false campaigns](https://www.fda.gov/consumers/consumer-updates/beware-fraudulent-coronavirus-tests-vaccines-and-treatments) stating the shortfall in availability. _Large sums of money can be collected, playing on the fears and anxiety of people_. Phishing criminals may also resort to asking for personal details while impersonating themselves as Government employees or health workers. They use this information for [identity thefts](/resources/phishing-identity-theft/) and other such activities. #### The Fake Website It is the most common **method of phishing**. Malicious actors create [websites resembling the original](https://www.aarp.org/money/scams-fraud/info-2020/coronavirus.html) ones, including government departments to pharmaceutical organizations providing various services related to Covid-19\. They then send emails to people seeking to engage them. The idea behind creating these websites is to give the entire charade a facade of authenticity. The modus operandi of most of these websites include asking the user for their personal information, which the unsuspecting ones give away, thinking it is going to the right hands. #### Bogus Refunds With the travel and tourism industry coming to a halt this year, it is evident that most people having travel plans must have had to let go of their dreams. It turns into an even more significant issue when the money spent on bookings and tickets is **lost forever**. _Threat actors see this as an opportunity to siphon off information from the victims by offering bogus refunds_. They go to the extent of asking for their credit card or banking details, stating that the refund would be directly credited to the account. The collected information could be later put up on the **dark web** for sale. ![Phishing Protection From Covid19 Scams](https://media.mailhop.org/phishprotection/images/2022/02/phishing-protection-from-covid19-scams.jpg) #### The Videoconferencing Hack _Social distancing caused by the pandemic’s fear has led to organizations directing their employees to work remotely_. It has given rise to the extensive usage of technology, such as [video conferencing applications](https://www.chicagotribune.com/coronavirus/ct-coronavirus-zoombombing-20200401-wf2pvzqhbngitankuokvinvk2m-story.html) for teams to stay in touch. Malicious actors send out fake notifications using false domains of such video-conferencing applications or sites to _deliver fabricated emails to phish the users_. #### The Job Termination Conundrum Cut off from the organization’s other departments and working mostly in isolation, employees may face confusion and take some time to adjust to the work-from-home scenario. The malicious actors create fake [emails impersonating](/products/email-impersonation-protection/) the organization’s officials to take advantage of the situation. These emails may talk about job termination, which would naturally shock an uninformed employee. Without thinking twice, the employee may end up providing his/her official credentials, _leaving the gateway of the organization’s network open for malicious actors to exploit_. #### Fake Covid-19 Statistics Emails _Malicious actors often send emails with headers indicating various Covid-19 statistics_. Those curious to get the latest trends and numbers click on the attachment, which **downloads malware** into their system. Such fake [emails impersonate](/products/email-impersonation-protection/) prestigious organizations, including the WHO. #### IMF Covid Compensation Email An email with the title ‘Re: IMF Compensation’ is one method used by **phishing attackers** to exploit innocent users. The email talks about compensation from the International Monetary Fund (IMF) to select people. It contains the words of the IMF Director to make it appear credible and a [fake IMF form](https://www.imf.org/external/scams.htm) to fill in with the email recipient’s critical personal data. #### ‘Covid Test Result’ Phishing Another [phishing email](/blog/sophisticated-new-tactic-makes-phishing-emails-harder-to-detect/) that emerged during the pandemic was the [fake Covid-19 test result](https://oig.hhs.gov/fraud/consumer-alerts/fraud-alert-covid-19-scams/) message. Those who have undergone tests and awaiting the outcome could think it is an email containing their results. Those who open the email could trigger a **malware installation** into the system. #### SharePoint Impersonation An email impersonating SharePoint started making rounds following the outbreak of the pandemic. It claimed to provide Covid-19-related information. _The link included takes the user to a malicious website on AWS_. The footnote mentioning that the URL would only work for the recipient creates a **false sense of security**. ### Final Words COVID-19 undoubtedly has wreaked havoc worldwide. To make the matter worse, _numerous threat actors have emerged with newer and sophisticated methods_, especially **phishing emails** in various forms, designed specifically to suit the pandemic times to take advantage of frustrated victims. The easiest and yet the most effective way to keep these malicious actors at bay is to [stay abreast](https://safety.google/securitytips-covid19/) of their latest modus operandi and remain vigilant with all digital activities. ### Enterprise-class email protection without the enterprise price For flexible per-user pricing, PhishProtection’s integrated email security solution protects your employees from business email compromise (BEC) and many other email threats. 24×7\. On any device. With features you’d expect in more expensive solutions: **All Plans Come With** - Stops business email compromise (BEC) - Stops brand forgery emails - Stop threatening emails before they reach the inbox - Continuous link checking - Real-time website scanning - Real time alerts to users and administrators - Protection with settings you control - Protection against zero day vulnerabilities - Complete situational awareness from web-based console ![Trusted By Phishprotection3](https://media.mailhop.org/phishprotection/images/2020/02/trusted-by-phishprotection3.png) ### Join 7500+ Organizations that use Phish Protection [ 60-Day Free Trial ](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) Phish Protection works with System Administrators, IT Professionals and IT Executives in thousands of companies worldwide. Sign up and protect your organization from phishing attacks in less than 5 minutes ![Sys Admin1](https://media.mailhop.org/phishprotection/images/2020/03/sys-admin1.jpg) ![Itprofessional1 E1585030432965](https://media.mailhop.org/phishprotection/images/2020/03/itprofessional1-e1585030432965.jpg) ![Directorofit1](https://media.mailhop.org/phishprotection/images/2020/03/directorofit1.jpg) ## Protect your inbox from phishing attacks Start your 60-day free trial - no credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"21","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/phish-protection/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"Article","headline":"Evolution Of Phishing Attacks In The Pandemic Era","description":"Evolution Of Phishing Attacks In The Pandemic Era: The Covid crisis has provided the perfect cover for malicious actors to continue with their nefarious.","url":"https://phishprotection.com/evolution-of-phishing-attacks-in-pandemic-era/","dateModified":"2022-02-09T10:33:01.000Z","author":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection"},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/phishprotection-logo.png"},"description":"Enterprise-grade email security that protects businesses from phishing, ransomware, and email fraud with real-time threat detection and multi-layered protection.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://phishprotection.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138897912","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Ransomware Protection","Business Email Compromise","Time of Click Protection","Advanced Threat Defense","Email Fraud Prevention","Phishing Awareness Training","Office 365 Email Security"]},"image":"https://media.mailhop.org/phishprotection/images/og-default.png"} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Evolution Of Phishing Attacks In Pandemic Era","item":"https://phishprotection.com/evolution-of-phishing-attacks-in-pandemic-era/"}]} ```