The deadly COVID-19 outbreak is causing tremors among the overall community. Globally, local Governments are fighting hard to protect their citizens from the pandemic. According to Proofpoint Threat Research Team, ready-made COVID-19 themed phishing templates developed by threat actors across the world are currently involved in the copying of Government websites worldwide. This is a major cause of concern because people often disguise the fake websites developed with these templates as original. The result will be dangerous as people are giving away their confidential personal information including financial data to fake websites without their knowledge. The purpose of the fake websites created with COVID-19 themed phishing templates is to steal credentials by provoking you to assist certain organizations financially.
The Proofpoint Threat Research Team reveals that they have observed a huge surge in the creation of COVID-19 themed phishing templates that imitate the real websites. This includes the portals of the World Health Organization (WHO), Internal Revenue Service (IRS), Centers for Disease Control (CDC) including the Governments of the UK, Canada, and France.
Credential stealers are just one mouse click away
According to the research report, more than 300+ COVID-19 phishing campaigns via COVID-19 Themed Phishing Templates are reported since January 2020 are mainly involved in capturing user credentials such as usernames and passwords. The threat actors are currently involved in the creation of high-quality and malicious web domains to embed into their COVID-19 phishing campaigns.
Be careful of consequences
The phishing attackers employ email lures with highly effective themes and use general websites for actual credential harvesting. The custom COVID-19 payment phishing templates are designed in such a way that people often view them as original sites. The need of the hour is to make customers aware of the consequences due to phishing.
Variation in results
The report provides the sudden growth in COVID-19 phishing landing page deployments in Graphical format. The data ranges from January 1, 2020, to April 16, 2020. Upon inspection of the graph, we infer that there is a sudden steep climb from March 4 to March 26 followed by a steep decline. The variation in the results is due to the combination of saturation for COVID-19 Themed Phishing Landing Pages.
The Proofpoint Threat Research Team has examined the details of the COVID-19 templates with relevant screenshots on the report. The first reference is with regard to the World Health Organization. The report states that the phishing template copies the World Health Organization logo and color scheme from the original website – who.int. Moreover, the template is designed to be used as part of a credential phishing campaign such as fetching the visitor’s username and password.
The purpose is to gain access to the various information pertaining to COVID-19 safety measures. The remaining part of the report reveals the details of the phishing templates specifically oriented for United States Centers for Disease Control, Internal Revenue Service, Government of Canada, United Kingdom, Westminster City Council, and French Government.
Conclusion
The Proofpoint Threat Research Team report clearly specifies the fact that more than 300 different COVID-19 campaigns are under full swing. The campaigns are created by various threat actor groups to unknown individuals in English, Spanish, Japanese, French, Italian, Turkish, Portuguese, and other languages. You should note that threat actor follows all the latest developments. With Governments across the world have created their own portal to keep track of the people coming to their territory, hackers are eagerly waiting to sneak into the systems. The COVID-19 is not going to end soon and threat actors will continue to initiate themed attacks based on various organizations and portals. The only solution to combat the growing menace of the COVID-19 Themed Phishing Templates is to directly navigate to the relevant website and complete the actions. For instance, if you would like to contribute money to the WHO, you should visit the official website by entering the URL on your browser. You should not click on the links received via SMS, emails, and other social media platforms asking for payments. If you do so, then you are risking the shelf life of your valuable data and earnings.