SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Phishing emails double in November as COVID-19 spurs hacker appetite
Wed, 24th Nov 2021

There have been alarming spikes in malicious phishing campaigns targeting online shoppers, as Black Friday and Cyber Monday fast approach during the ultimate e-shopping month of November, according to cybersecurity firm Check Point Software.

In fact, Check Point researchers found an 80% increase in malicious phishing campaigns targeting online shoppers in the form of “special offers” in the first two weeks of November, compared to the weekly average in October.

One out of every 826 emails delivered to users worldwide is a malicious phishing email, whereas at the beginning of October the ratio was 1 out of more than 11,000 emails.

Security researchers cite coronavirus as responsible for the increase in hacker appetite this holiday season, as shoppers rely more on e-shopping this year to practice social distancing. The insight by researchers follows the record-breaking online shopping event of Chinese Singles Day, where Alibaba reported $74 billion in sales amid worries over the pandemic.

Beware of Special Offers Online

In the first two weeks of November 2020, there was an 80% increase in the number of email phishing campaigns related to “special offers”, compared to the weekly average in October. The phrases in these dangerous offers include “special”, “offer”, “sale”, “cheap” and “% off”. In fact, in the first 2 days of the 2nd week of November (9th and 10th), the number of weekly “special offer” phishing campaigns is already higher than in the first week of October.

Hundreds of Recipients Per Campaign

Each phishing campaign reaches hundreds of recipients, as researchers estimate that 1 out of every 826 emails delivered to users worldwide from senders outside their network is a malicious phishing email. For reference, the ratio at the beginning of October was 1 out of more than 11,000 emails.

Example: Knock-off Pandora Email Phishing Campaign That Targeted e-Shoppers Globally, With Recipients in the USA, UK and Bulgaria Falling Victim

To better educate and inform online shoppers this holiday season, Check Point researchers are providing a real example of an email phishing campaign they recently caught. The campaign attempts to imitate the jewelry company, Pandora.

• Subject: “Cyber Monday | Only 24 Hours Left!”

• Sender: Pandora Jewellery (no-reply@amazon.com)

The sender contains an Amazon domain, but there is no mention of Amazon in the mail or in the links belonging to it. Further investigation verified the email address was spoofed to appear as if it was sent from an Amazon address. Two of the links in the mail are related to a site that tries to trick recipients into thinking the email is from the jewellery company Pandora.

The links in the emails led to the website www[.]wellpand[.]com. A few days later, the links led to a similar website, www[.]wpdsale[.]com. These websites were registered at the end of October and beginning of November, right before the phishing emails were actually sent, giving researchers a strong indication that it is all a scam.

Further investigation showed that both of the websites the emails led to were knock-offs of “Pandora”.
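The three signals the researchers describe (a brand in the display name that does not match the sending domain, links that point away from the sender's domain, and link domains registered shortly before the mail was sent) can be checked mechanically. The sketch below is an added example, not Check Point's tooling; the message body, the registration date and the send date are constructed, and the `analyse` and `base_domain` helpers are hypothetical names.

```python
import re
from datetime import date
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample modelled on the campaign above; URLs are kept defanged.
SAMPLE = """\
From: Pandora Jewellery <no-reply@amazon.com>
Subject: Cyber Monday | Only 24 Hours Left!
Content-Type: text/html

<a href="http://www[.]wellpand[.]com/sale">Shop now</a>
<a href="http://www[.]wellpand[.]com/rings">Rings</a>
"""
# Constructed dates; in practice the registration date comes from WHOIS/RDAP.
REGISTERED = {"wellpand.com": date(2020, 10, 30)}
SENT = date(2020, 11, 10)

def base_domain(host):
    # Simplification: last two labels. Real code should use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def analyse(raw, registered, sent, max_age_days=30):
    msg = message_from_string(raw)
    name, addr = parseaddr(msg["From"])
    sender = base_domain(addr.rpartition("@")[2])
    body = msg.get_payload().replace("[.]", ".")  # refang for parsing only
    hrefs = re.findall(r'href="([^"]+)"', body)
    links = {base_domain(urlsplit(u).hostname or "") for u in hrefs}
    flags = []
    # 1. Brand words in the display name do not appear in the sending domain.
    words = [w for w in re.findall(r"[a-z]+", name.lower()) if len(w) > 3]
    if words and not any(w in sender for w in words):
        flags.append("display-name/sender-domain mismatch")
    for dom in sorted(links - {sender, ""}):
        # 2. Link target is unrelated to the claimed sender.
        flags.append(f"link domain {dom} differs from sender {sender}")
        # 3. Link domain was registered shortly before the mail was sent.
        reg = registered.get(dom)
        if reg and 0 <= (sent - reg).days <= max_age_days:
            flags.append(f"{dom} registered {(sent - reg).days} days before send")
    return flags

if __name__ == "__main__":
    for flag in analyse(SAMPLE, REGISTERED, SENT):
        print(flag)
```

None of these signals is conclusive on its own; legitimate marketing mail is often sent through third-party domains, so the flags are best used to prioritise messages for review.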

"The social distancing forced by the coronavirus will undoubtedly drive more online shopping traction," says Omer Dembinsky, manager of data intelligence at Check Point.

"Consequently, we expect record-breaking hacker activity targeting online shoppers this upcoming holiday season, especially around Black Friday and Cyber Monday.

"We're noticing an unusual and profound focus by hackers on “special offers” this month of November," he says.

"These phishing campaigns can be extraordinarily deceptive, as online shoppers easily mistake them for real offers that are truthfully too good to be true.

"We're living in an age where every email in our inboxes must be treated with caution. I strongly urge every online shopper to think twice when looking at a “special offer” from their favourite brand."