E-mail-based attacks mimicking well-known financial institutions and online payment services have surged over the Halloween and Black Friday season, as cybercriminals continue to leverage restrictions brought on by the pandemic.
Although coronavirus-related email messages dominated phishing campaigns throughout the year, the uptick in digital transactions, online shopping and the online management of individual finances have created given cybercriminals new advantages.
A series of phishing campaigns posing as online banking services marred the second half of 2020, according to the Bitdefender Antispam Lab:
- September 20 – 08% of all incoming emails relating to banks and financial services was marked as spam was related to banks and financial services
- October 25 – nearly 6 in 10 emails (84%) relating to the banking industry were fraudulent
- November 29 – 7% of all received emails pretended to come from popular financial institutions
Many of the fraudulent emails mimic legit correspondence sent by actual banks. They contain real logos, specific layouts and even industry lingo, making it harder for recipients to notice the red flags, especially when accessing the message from a phone or tablet.
However, most of the spam messages transmit a sense of urgency, asking users to quickly either share personal or financial information, download a document or attachment, or click on links to resolve a security issue.
Here are some of the most significant spam and malspam campaigns leveraging customers of prominent financial institutions in the past two months:
Standard Bank
Customers of the South African bank were targeted in three major spam campaigns between October and November 2020. On October 7, 97.76% of incoming correspondence claiming to be from Standard Bank was fraudulent. Additional campaigns were picked up on November 26-27, when 87.96% and 90.64% of the correspondence was marked as spam…Click here to read full article.