The Biggest Beneficiaries of COVID-19 are also the Biggest Phishing Targets
Quick Answer
Services that gained users during COVID became the heaviest phishing targets. Netflix searches jumped 142 percent during lockdown, and BrandShield tracked 639 fake Netflix domains registered between January and April 2020, with 236 created in March alone. Zoom saw similar surges. Attackers register lookalike domains, build convincing payment pages, and harvest credentials and card data from users who think they're starting or renewing a subscription. Defenses for users: type the service URL directly, never click subscription emails, verify the sender domain character by character, and watch the URL bar before submitting any payment form. For companies, deploy email security that blocks lookalike domain attempts at the gateway so the phishing message never reaches the inbox. Awareness alone fails when attackers iterate faster than training cycles.
Even when something as horrible as COVID-19 happens, there are some companies that benefit. One of the beneficiaries of the virus is Zoom Video, the video conferencing company that has seen a huge demand increase for their product. For those seeking an alternative to Zoom, other video conferencing tools offer varied features that may better meet specific needs.
Another, less obvious company, that has seen an increased demand for their service is Netflix. Recent stats display that as the COVID-19 crisis gripped nations throughout the world, Google searches for Netflix jumped to 142%. And sure enough, just as the demand goes up, so too do the number of phishing attacks targeting the company’s customers (and potential customers).
According to an article on Tech Times, “Experts warned that cyber crooks are targeting users of streaming websites amid the coronavirus disaster. Scams highlighted include putting in place fake websites to trick human beings into thinking they’re buying a Netflix subscription. But in fact, they are handing over their touchy info to crooks and having their cash stolen.”
How widespread is this problem? According to BrandShield, “The cybersecurity company noted some 639 fake domains which use the word Netflix have been registered since January. BrandShield said 236 fake Netflix domains were set up in March alone.”
The CEO of BrandShield added, “Consumers of streaming websites are increasingly at risk of successful phishing attacks. The problem of hacking is only going to get bigger as people spend more time transacting and interacting online.”
You’ve been warned. But what can you do? The first thing you should do is heighten your sensitivity to incoming phishing emails. Confirm the sender, look for typos, watch out for pressure tactics and be careful of clicking on links in any emails.
The second thing you should do is deploy web-based anti-phishing software, so you never have to worry about phishing emails ever again. Cloud-based Phishing Protection software like that available from DuoCircle is fast and simple to set up and doesn’t require you to purchase anything. And it only costs pennies per user per month.
COVID-19 is the latest scam for hackers to take advantage of, but the truth is it doesn’t matter. Hackers will not stop. They will use whatever the next calamity is to try and phish you. If you want to rest easy and not have to worry about it, check out Phishing Protection from DuoCircle. It keeps your computer social distancing from the bad guys.
General Manager
General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.
Secure your email infrastructure
Protect, authenticate, and deliver. Contact our team to find the right solution.