The second quarter saw a rise in entertainment-based fraud and phishing lures, including one campaign capitalising on the interest around the TV special, “Friends: The Reunion”. Researchers found fake sites purporting to host video for the much-anticipated special episode of the popular sitcom, although those who tried to watch or download the episode were redirected to a Columbia Pictures splash screen. After a few seconds, the broadcast stopped and was replaced by a request to pay a nominal fee.
Variations of this type of scam cropped up in late April, too, timed around the Academy Awards, as Oscar-nominated movies were advertised with fake websites offering “free viewings”. However, after payment of the ‘subscription’ the screening did not resume, with the cyber criminals instead gaining a new bank account to take advantage of.
Q2 also saw the return of cloud phishing lures, researchers found, likely driven by the continuation of remote working throughout the COVID-19 pandemic. For instance, when targeting corporate accounts, scammers imitated mailings from popular cloud services. A spoofed notification about a Microsoft Teams meeting or a request to view an important document was found to take the victim to a phishing login page asking for corporate account credentials.
Some of the malicious schemes were aimed at stealing funds or installing malware, proving that cyber criminals were not just looking to take over user accounts, but make some quick money, too. Some were spoofed comments added to a document stored in the cloud. Another email threatened legal action, and asked the target to “review documents” about the issue. Clicking on the link, however, eventually led to the download of a backdoor loader.
Other lures in circulation included offers of financial pandemic assistance sent in the name of government agencies, notices of unexpected parcels requiring payment by the recipient, notifications about being the lucky winner of a tidy sum and romance-themed efforts.
Additionally, researchers found that after a prolonged decline, the share of spam in global mail traffic began to grow again, making up 47% of the volume.
Researchers said: “In Q2, as expected, cyber criminals continued to hunt for corporate account credentials and exploit the COVID-19 pandemic. As for Q3 forecasts, the share of cyber attacks on the corporate sector is likely to stay the same. This is because remote working is now well established among businesses. Also, the COVID-19 topic is unlikely to disappear from spam. If the current crop of vaccination and compensation scams weren’t enough, fraudsters could start utilising newly identified variants of the virus to add variety to their schemes.”
Neuways, as ever, advises businesses to ensure its employees are well aware of the latest scams. This very bulletin updates you each and every week on the ongoings in the cyber crime world – please share it among colleagues, to point out particular threats that could affect anyone within your business. Alternatively, to sign up to receive the email every Thursday in your inbox, click here.