Phishing Lures Shift from COVID-19 to Job Opportunities | Threatpost

Cybercriminals cashed in on the surge of COVID-19 earlier this year, with email lures purporting to be from healthcare professionals offering more information about the pandemic. However, as the year moves forward, bad actors are continuing to swap up their attacks with savvy lures that match top-of-mind current events, said Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs.

Derek Manky

In the third quarter of 2020, cybercriminals sent spear phishing emails pretending to be about economic incentives, as governments offered financial aid to those affected by the pandemic. And researchers are seeing ongoing email based attacks that tap into new job opportunities – as businesses start to open up – with job candidates lures.

“As jobs started to be recreated in the industry we saw lures targeting candidates for jobs – in fact, man-in-the-middle attacks were intercepting emails based on job offers,” he said.

Manky talks to Threatpost host Cody Hackett about the rise of web-based threats, the continuance of low-volume, high-risk, targeted ransomware attacks (particularly in the healthcare space) and other security threats of this quarter, in this week’s sponsored podcast episode.