Beware of coronavirus-related phishing e-mail attacks

Phishing e-mail attacks - often related to the coronavirus pandemic - have shown a marked increase since the start of the year, warn cyber security experts.

KnowBe4, a global security awareness training and simulated phishing platform, revealed some of the trends on Tuesday in its first quarter of 2020 phishing report.

The report suggested that attacks were up by as much as 600% in 2020.

"Covering the entire first quarter, simulated phishing tests with an urgent message to check passwords immediately was most popular at 45%," the organisation said in a statement.

"Following this was a coronavirus-related message as the second most popular at 10%." 

Stu Sjouwerman, CEO of KnowBe4, said social media messages were another area of concern related to phishing.

"The bad guys are opportunists and they will use every chance they get to take advantage of people’s heightened emotions during crisis situations such as this one by trying to entice them to click on a malicious link or download an attachment laced with malware," he said.

"It’s no surprise that we’re seeing an explosion of phishing attacks related to the coronavirus because people are actively seeking more information about it. End users should be especially careful with any e-mail they receive related to Covid-19 and immediately report suspicious looking emails to their IT department."

KnowBe4 flagged e-mail subject lines alerting users to new login alerts, password resets, messages saying someone may have accessed an account, "Please Read Important from Human Resources", and messages stating a user had been added to a team in Microsoft Teams.