Coronavirus-Related Spear Phishing Attacks See 667% Increase in March 2020

April 16, 2020

Barracuda researchers have seen a steady increase in the number of coronavirus or COVID-19-related spear-phishing attacks since January 2020, but they have observed a recent spike in this type of attack, up 667-percent since the end of February 2020.

Between March 1 and March 23, 2020 Barracuda Sentinel has detected 467,825 spear-phishing email attacks, and 9,116 of those detections were related to COVID-19, representing about 2 percent of attacks, says Fleming Shi, Chief Technology Officer at Barracuda. In comparison, a total of 1,188 coronavirus-related spear-phishing attacks were detected in February, and just 137 were detected in January, he adds. Although the overall number of these attacks is still low compared to other threats, the threat is growing quickly, he warns.

covid-19 spear phishing

Image courtesy of Barracuda

Barracuda researchers have seen three main types of phishing attacks using coronavirus COVID-19 themes — scamming, brand impersonation, and business email compromise. Of the coronavirus-related attacks detected by Barracuda Sentinel through March 23, 54 percent were scams, 34 percent were brand impersonation attacks, 11 percent were blackmail, and 1 percent are business email compromise.

covid-19 spear phishing

Image courtesy of Barracuda

Phishing attacks using COVID-19 as a hook are quickly getting more sophisticated, Shi says. In the past few days, Barracuda researchers have seen a significant number of blackmail attacks popping up and a few instances of conversation hijacking.

"In comparison, until just a few days ago we were primarily seeing mostly scamming attacks. As of March 17, the breakdown corona-virus phishing attacks detected by Barracuda Sentinel, 77 percent were scams, 22 percent were brand impersonation, and 1 were business email compromise. We expect to see this trend toward more sophisticated attacks continue," Shi adds.

Goals of the attacks ranged from distributing malware to stealing credentials, and financial gain. One new type of ransomware Barracuda systems detected has even taken on the COVID-19 namesake and dubbed itself CoronaVirus.

Barracuda also noticed one blackmail attack that claimed to have access to personal information about the victim, know their whereabouts, and threatened to infect the victim and their family with coronavirus unless a ransom was paid. Barracuda Sentinel detected this particular attack 1,008 times over the span of two days.

For the full blog and for more information, visit https://blog.barracuda.com/2020/03/26/threat-spotlight-coronavirus-related-phishing/

Security leaders need to accept and act on this reality and take measured and thoughtful steps to mitigate the risk and train staff about the growing likelihood of such violent incidents in their facilities and workplaces.

In this webinar, we review the results of a benchmark study that asked security professionals about their past, present and future outlook on manned guarding. Want to know what your peers are saying about their weekly billed hours? Join us to find out!

Coronavirus-Related Spear Phishing Attacks See 667% Increase in March 2020

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Coronavirus-Related Spear Phishing Attacks See 667% Increase in March 2020

Related Articles

Related Products

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.