Covid-19 leads to sharp increase in phishing attacks

Phishing incidents rose 220 per cent during the height of the Covid-19 pandemic compared to the yearly average, a new report by F5 Labs reveals.

Based on data from F5’s Security Operations Centre (SOC), the number of phishing incidents in 2020 is now set to increase 15 per cent year-on-year, though this could soon change as second waves of the pandemic spread, researchers warn.

Covid-19 – related phishing emails mainly manifested themselves as fraudulent donations to fake charities, credential harvesting and malware delivery.

Attacker opportunism was in further evidence when F5 Labs examined certificate transparency logs (a record of all publicly trusted digital certificates). The number of certificates using the terms “covid” and “corona” peaked at 14,940 in March, which was a massive 1102 per cent increase on the month before, the report says.

“Attackers are quick to jump onto emotive trends and Covid-19 will continue to fuel an already significant threat,” said David Warburton, senior threat evangelist at F5 Labs.

“Unfortunately, our research indicates that security controls, user training and overall awareness still appear to be falling short across the world,” he added.

Read: GCC countries see sharp spike in financial malware in H1 2020: report

In 2020 to date, 52 per cent of phishing sites have used target brand names and identities in their website addresses. Using phishing site data from Webroot, F5 Labs discovered that Amazon was the most targeted brand in the second half of 2020. Paypal, Apple, WhatsApp, Microsoft Office, Netflix, and Instagram were also among the top ten most impersonated brands.

Meanwhile, cybercriminals also became more ruthless in their bids to hijack reputable, albeit vulnerable URLs – often for free. WordPress sites alone accounted for 20 per cent of generic phishing URLs in 2020. The figure was as low as 4.7 per cent in 2017 the report says.