As the Covid-19 pandemic rages on, criminals are becoming ever more creative with their phishing attacks. This is according to a new report from cybersecurity firm Kaspersky, which also asserts that attacks are becoming increasingly targeted.
An analysis of popular social engineering tactics uncovered that fraudsters are creating emails and fake websites attributed to businesses whose products or services their potential victims might buy.
These criminals were not even particularly mindful about cultivating a sense of authenticity, Kaspersky says - many of the sham websites were sloppy in appearance.
According to the report, four creative new approaches to phishing were identified during the pandemic.
First, criminals impersonated delivery services, sending out fake parcel update notifications. Victims were asked to open an attachment to find out the address of a warehouse where they could pick up their shipment.
A postal services-themed attack, meanwhile, contained an image of a postal receipt that concealed a spyware installer.
Fraudsters also tapped into the way banks helped their customers during the Covid-19 pandemic, sending out fake communications relating to bonus schemes.
Finally, cybercriminals used fake HR emails to hook victims into downloading attachments containing a malicious file called Trojan-Downloader.MSOffice.SLoad.gen.