Recent Posts

Recent Blog Posts

The PhishLabs Blog

COVID-19 Phishing Update: Bad Actors Use Stimulus Payment Delays to Capture Banking Credentials

Posted by Jessica Ellis on Apr 20, '20

With many U.S. citizens still waiting to receive their government-mandated stimulus, we are again seeing cyber criminals shift their tactics in accordance with the news cycle. Below is one example of a lure abusing access to an undeliverable stimulus payment. 

Read More

Topics: COVID-19

COVID-19 Phishing Update: Voicemail Attacks Surface Targeting Office 365 Users

Posted by Jessica Ellis on Apr 17, '20

Cyber criminals are using coronavirus-themed voicemail notifications in the latest efforts to act on pandemic fears and steal credentials. The example below shows how they are doing it.

Read More

Topics: COVID-19

COVID-19 Phishing Update: Workplace Concerns Exploited to Distribute Malware

Posted by Jessica Ellis on Apr 13, '20

In recent efforts to deliver attacks that abuse the novel coronavirus, threat actors are exploiting workplace concerns about outbreak prevention and shipment delays. Below are two examples sent with the intent of delivering malware. 

Read More

Topics: COVID-19

COVID-19: New Daily Intel Download and Webinar Next Week

Posted by Elliot Volkman on Apr 8, '20

In the past month, we have identified and documented the methods in which threat actors have exploited the novel coronavirus (COVID-19). As fear and uncertainty around the global pandemic continue to grow, threat actors are working in tandem to develop relevant malicious lures and cyber threats.

Read More

Topics: COVID-19

COVID-19 Phishing Update: Promise of Payments Fuel Financial Fraud

Posted by Jessica Ellis on Apr 7, '20

Cyber criminals are using the stimulus bill and relief payments to exploit growing concerns about financial security. The examples below are impersonating financial institutions. 

Read More

Topics: COVID-19

COVID-19 Phishing Update: Nigerian Prince Lures Evolve with Crisis

Posted by Jessica Ellis on Apr 3, '20

Threat actors are repurposing Nigerian Prince or 419 lures with novel coronavirus messaging to capitalize on the current pandemic. Today’s examples demonstrate how they are doing it.

Read More

Topics: COVID-19

COVID-19 Phishing Update: Infected Coworker Email Targets Enterprise O365 Credentials

Posted by Jessica Ellis on Apr 2, '20

Threat actors are exploiting employee concerns about infected colleagues. Our latest example targets Office 365 accounts at a large Canadian company by falsely claiming a colleague has died from the virus. 

Read More

Topics: COVID-19

COVID-19 Phishing Update: Email Posing as Scam Guidance Delivers Malware Instead

Posted by Jessica Ellis on Mar 31, '20

The novel coronavirus is giving opportunistic threat actors new means of deploying malicious lures on unsuspecting targets. Today’s example shows the attacker leveraging the pandemic by offering guidance on how to avoid coronavirus scams. Unfortunately, it’s also a scam.

Read More

Topics: COVID-19

COVID-19 Phishing Update: Your Bank is Not Texting You About Coronavirus

Posted by Jessica Ellis on Mar 30, '20

Threat actors continue using COVID-19 fears to exploit individuals on a variety of channels. Today we are taking a look at two new, related SMS lures. 

Read More

Topics: COVID-19

COVID-19 Phishing Update: Threat Actors Impersonating CDC, WHO

Posted by Jessica Ellis on Mar 26, '20

As COVID-19 continues to spread, we are seeing an increase in threat actors impersonating public health organizations and luring victims in with fake links to government agencies. The four examples below impersonate the Center for Disease Control and Prevention (CDC) and the World Health Organization (WHO) using lures we have recently observed.  

Read More

Topics: COVID-19

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all