Sponsored Content

Phishing Lures Shift from COVID-19 to Job Opportunities

phishing attack

Fortinet researchers are seeing a pivot in the spear-phishing and phishing lures used by cybercriminals, to entice potential job candidates as businesses open up.

Cybercriminals cashed in on the surge of COVID-19 earlier this year, with email lures purporting to be from healthcare professionals offering more information about the pandemic. However, as the year moves forward, bad actors are continuing to swap up their attacks with savvy lures that match top-of-mind current events, said Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs.

Derek Manky

In the third quarter of 2020, cybercriminals sent spear phishing emails pretending to be about economic incentives, as governments offered financial aid to those affected by the pandemic. And researchers are seeing ongoing email based attacks that tap into new job opportunities – as businesses start to open up – with job candidates lures.

“As jobs started to be recreated in the industry we saw lures targeting candidates for jobs – in fact, man-in-the-middle attacks were intercepting emails based on job offers,” he said.

Manky talks to Threatpost host Cody Hackett about the rise of web-based threats, the continuance of low-volume, high-risk, targeted ransomware attacks (particularly in the healthcare space) and other security threats of this quarter, in this week’s sponsored podcast episode.

Listen to the full podcast below or download direct here.

Also, check out our podcast microsite, where we go beyond the headlines on the latest news.

Suggested articles

The State of Secrets Sprawl – Podcast

In this podcast, we dive into the 2022 edition of the State of Secrets Sprawl report with Mackenzie Jackson, developer advocate at GitGuardian. We talk issues that corporations face with public leaks from groups like Lapsus and more, as well as ways for developers to keep their code safe.

Cyberattackers Put the Pedal to the Medal: Podcast

Fortinet’s Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams.