The corona crisis seems to inspire cybercriminals in their activities: there are currently warnings about phishing emails on corona topics, including corona emergency aid. We summarize current warnings for you, show you why raising employee awareness is so important when it comes to phishing, and explain how you can recognize phishing emails.
Phishing Emails: Corona Emergency Aid
In a press release, the European Commission warns of phishing emails in connection with the Corona emergency aid. According to the release, phishing e-mails with fake forms are in circulation which promise an alleged “bridging aid II for companies, businesses, self-employed people, associations and institutions”. Whoever opens the form makes it easy for the fraudsters: this is how they get hold of the sensitive data they are after. The Commission therefore warns: “Do not open these emails! It is a fraud attempt by malicious actors to gain access to sensitive company data.”
Predominantly Affected Users of T-Online
In addition to the police, Deutsche Telekom was also notified, because: “At the moment, T-Online users are mainly affected. Thousands of T-Online users receive fraudulent emails that look like they come from Commission staff,” warns the press release. The fraudsters have recently started using “existing personal email addresses [...] - in the current case from the spokesman for the European Commission in Germany, Reinhard Hönighaus”.
The Commission stresses that no email accounts have been hacked. Rather, they are “imitated by criminals”. The European Commission states: “The imitation of the Commission's mail domain can only be successful if the infrastructure of the recipient of these malicious emails does not carry out an origin check using the ‘Sender Policy Framework’, or SPF for short, because the Commission has published an SPF policy via the relevant channel. As with some other providers, the recipient infrastructure behind @t-online.de does not carry out an SPF check.”
It is important to know that the SPF check does not check the e-mail address that recipients see in the “From” field, but rather the envelope-from address, which is not even displayed in the mail program. Even with an SPF check, e-mails that look like they came from somewhere else can still be sent. Deutsche Telekom has apparently already reacted: it has “announced countermeasures and communication measures to the representation of the European Commission in Germany”.
Phishing: An Underestimated IT Security Risk
It is not the first time this year that warnings have been issued about phishing emails on corona issues: The European Commission alone issued warnings in July, October and even once in November. The Federal Office for Information Security (BSI), the WHO, the consumer advice centers and the Federal Police have also issued warnings.
Various studies and investigations have further confirmed that the success of phishing in companies stands and falls with employee awareness. An online survey by the American software provider OpenText shows that 79% of all German office workers open e-mails from unknown senders without hesitation. This means that 4 out of 5 employees open emails from unknown senders!
The online survey of 1,000 German employees also showed that a staggering 28% of those surveyed had been the target of a phishing campaign at least once in the past 12 months. In the course of the corona crisis, 15% of those surveyed had already received phishing emails with corona topics. Alarmingly, only 13% of those who had already been the victim of an attack with phishing emails reported this to their employer.
According to their own statements, the employees surveyed received around 70 emails a day. If you consider that the majority of employees open every e-mail even if the sender is unknown, the potential for security incidents becomes apparent. The tragic thing is that employees do not feel responsible at all: Only nine percent see themselves as responsible for cybersecurity. 66%, on the other hand, believe that the IT departments are responsible.
Further Studies on Phishing Emails with Corona and IT Security
In October 2020, Ironhack analyzed which countries are particularly attractive for cybercriminals and hackers. The company explains: “Our result shows that, after the United States, Germany is the country most at risk from cybercriminals.”
In their “2020 Phishing and Fraud Report”, the Munich-based company L5 Labs explains that phishing websites and emails are looking more and more professional. According to the report, phishers are increasingly concentrating on recreating well-known brand websites.
As early as April 2020, Google reported that around 18 million phishing emails on Corona topics were blocked every day - in addition to the around 240 million spam emails relating to Corona. It is noticeable that spear phishing is gaining in importance (further information on spear phishing can be found in our article “Spear Phishing with Emotet”).
Recognize Phishing and Act Correctly
If you receive e-mails that show the following characteristics, you should be skeptical, because they could be phishing e-mails:
· The content of the e-mail is intended to push you into taking some action, such as: “Update your data immediately!”
· Threats are also often used: “... otherwise we will permanently block your account.”
· The e-mail asks you to enter confidential data, such as your online banking PIN or your credit card number.
· You discover links or attachments in the e-mail and are urgently requested to use them.
· The message is written in clumsy or poor German. This also includes the appearance of Cyrillic letters and missing or incorrectly resolved umlauts such as “u” or “us” instead of “ü”. Caution: Professionally written phishing emails now hardly show any linguistic deficiencies, so be careful even with well-worded texts.
· Check the email header: As mentioned above, it is easy to disguise email addresses and/or impersonate someone else, such as the European Commission spokesman. The IP address of the sender can be found in the email header - and it is forgery-proof. The consumer advice center explains how you can read the e-mail header.
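The header check from the list above, combined with the earlier point that SPF covers the envelope-from address rather than the visible “From” field, as an added example that is not part of the original article: this Python sketch reads a raw message and reports the visible From domain, the envelope-from domain recorded in Return-Path, the SPF verdict, and the connecting IP from the topmost Received header (the one written by the recipient's own mail server). The sample message and all of its domains and addresses are constructed placeholders, and the sketch assumes the receiving server records Return-Path and Authentication-Results.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample message (all names, domains and IPs are placeholders).
SAMPLE = """\
Return-Path: <bounce@bulk-sender.example>
Received: from mail.bulk-sender.example (mail.bulk-sender.example [203.0.113.45])
\tby mx.recipient.example with ESMTP; Mon, 02 Nov 2020 09:15:00 +0100
Received: from workstation (unknown [198.51.100.7])
\tby mail.bulk-sender.example; Mon, 02 Nov 2020 09:14:58 +0100
Authentication-Results: mx.recipient.example;
\tspf=pass smtp.mailfrom=bounce@bulk-sender.example
From: "Commission Spokesperson" <spokesperson@commission.example>
To: user@recipient.example
Subject: Bridging aid II application form

Please fill in the attached form.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header value."""
    address = parseaddr(header_value or "")[1]
    return address.rpartition("@")[2].lower()

def analyze_headers(raw_message):
    msg = email.message_from_string(raw_message)
    from_domain = domain_of(msg["From"])
    envelope_domain = domain_of(msg["Return-Path"])
    # SPF verdict as recorded by the receiving server, if it ran a check.
    spf = re.search(r"\bspf=(\w+)", msg.get("Authentication-Results", ""))
    # The topmost Received header is the one added by the recipient's own server.
    received = msg.get_all("Received") or [""]
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", received[0])
    findings = []
    if spf is None:
        findings.append("no SPF result recorded by the receiving server")
    if envelope_domain and from_domain != envelope_domain:
        findings.append("visible From domain differs from envelope-from domain")
    return {
        "from_domain": from_domain,
        "envelope_domain": envelope_domain,
        "spf": spf.group(1).lower() if spf else None,
        "connecting_ip": ip.group(1) if ip else None,
        "findings": findings,
    }

if __name__ == "__main__":
    print(analyze_headers(SAMPLE))
```

In the sample, SPF passes for the envelope-from domain while the mail program would show a different domain in “From”, which is exactly the gap described above.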
In order to deal with the risk of phishing in companies, it is essential to train employees accordingly. As the study results summarized above show, many employees just don't know how to behave. Employee training on security awareness is a sustainable countermeasure - it is an investment in the company's IT security.
By the way: Phishing is dangerous not only via email or website, but also via SMS. For more information, read our article “The danger of smishing: This is how phishing via SMS works”. If you want to find out how much you know about phishing, take the test with our phishing quiz.
Use total security to protect your computer from phishing attacks.