Corona Package Hold Threat
So there’s yet another covid phishing scheme out and about! Except this time it delivers malware, not just phishing for information!
Covid has grounded people in there homes. By government order people are stuck home, greatly throttling shipping. Which is the way almost everyone receives their goods. More importantly, everyone knows this. It is common knowledge. Which means it is a ripe lure for phishing. But this is a truly clever ploy. The attackers claim to be a major shipping network. They then say that a package has been held by the government due to coronavirus. The victim needs to perform action X to release the package. In a particularly troublesome branch of this threat, a trojan virus is downloaded onto the victims computer!
These threats are particularly dangerous for decision makers. These threats that require will end up on their desks and it is their fault if they incur a breach. As Proofpoint has popularized, it is important to identify your very attacked people. Investing additionally into them to provide security. The nature of information security is that it really only takes one fault for attackers to get in and spread around your organization.