Cyber criminals jump at the change to exploit people’s vulnerabilities during a crisis. When COVID-19 first surfaced, individuals, businesses and institutions fell victim to a wave of virus-themed online attacks and phishing schemes.

The Canadian Centre for Cyber Security, a branch of the Government of Canada, reported more than 120,000 COVID-19 themed web domains registered since January 2020. More than 1,000 imitated federal government websites such as Canada Revenue Agency (CRA) and the Canadian Emergency Response Benefit (CERB).

Experts alerted the public to the threats early on, warning of scams around charities, cures and financial incentives. However, as awareness and fraud prevention increased, fraudsters became more sophisticated.

Now, cyber criminals are sending out online reconnaissance balloons to gauge how susceptible targets are.

The phishing lure

Fraud actors are continually gauging public sentiment to better con people, including ongoing education on how not to fall victim to these lure attempts. Cyber security analysts have discovered the latest trend in cyber crime is to send out "set-up" emails. The vanguard of a three-pronged assault is to see if they can evade spam filters before sending the actual phishing email.

Step 1: A cyber criminal will send out an innocent-looking email that doesn't require any action or contain any links or suspicious attachments. The email could range from what appears to be a simple informative article, a news update or something else that seems to be a normal day-to-day email update.

Step 2: The recipient opens the email (this means you’ve clicked to open it on your device or your browser has automatically opened it) without checking it comes from a valid, known address and deletes it without marking the email as spam. Whether or not you have actually read the article doesn’t matter. As a result, the sender has now successfully evaded spam filters and the email provider continues to allow any follow-up emails from the sender to be delivered safely and directly to your inbox without hitting any spam filters.

Step 3: Your inbox now recognizes the sender as "safe,” leaving you, your contact list and your organization open to attack. The good news? With a keen eye, there are still steps you can take to identify risk and protect yourself. Here are a few key considerations:

Eyes on fraud flags

• You don’t recognize the email address, or it is slightly different than usual
• The email greeting is generic and not personalized to your name
• The URLs on embedded links are strange or don’t match the email content
• The language, spelling and grammar are “off”

Make sure you mark any unusual emails from recipients you have not seen. The significant rise in people working from home has seen cyber criminals take advantage of poorly secured personal devices to access sensitive data through virtual private networks (VPNs) and cloud computing solutions. This will ensure that any future emails sent from that address are filtered.

The evolutions of fraud in the world of COVID

Cyber crime actors will continue to imitate COVID-19 economic stimulus and benefit programs, such as CERB, to target individuals and businesses into divulging financial data or downloading malicious software. And, as the public grows increasingly anxious for a return to normalcy, we expect cyber criminals will likely begin crafting phishing lures which prey on an increased appetite for information around COVID-19 vaccine development and production.

In this new normal, maintaining a high level of cyber awareness and paying attention to all emails before opening them is critical. If you think you’ve received a scam email claiming to be from ATB, call us immediately at 1-800-332-8383 or forward us the email (as an attachment) to fraud@atb.com. Following the above tips and tactics will help protect your information and business—pandemic or not.