Scam Pandemic: How Attackers Exploit Public Fear through Phishing

by   Marzieh Bitaab, et al.

As the COVID-19 pandemic started triggering widespread lockdowns across the globe, cybercriminals did not hesitate to take advantage of users' increased usage of the Internet and their reliance on it. In this paper, we carry out a comprehensive measurement study of online social engineering attacks in the early months of the pandemic. By collecting, synthesizing, and analyzing DNS records, TLS certificates, phishing URLs, phishing website source code, phishing emails, web traffic to phishing websites, news articles, and government announcements, we track trends of phishing activity between January and May 2020 and seek to understand the key implications of the underlying trends. We find that phishing attack traffic in March and April 2020 skyrocketed up to 220% of its pre-COVID-19 rate, far exceeding typical seasonal spikes. Attackers exploited victims' uncertainty and fear related to the pandemic through a variety of highly targeted scams, including emerging scam types against which current defenses are not sufficient as well as traditional phishing which outpaced the ecosystem's collective response.


page 1

page 2

page 3

page 4


Don't Fish in Troubled Waters! Characterizing Coronavirus-themed Cryptocurrency Scams

As COVID-19 has been spreading across the world since early 2020, a grow...

Pandemic Pulse: Unraveling and Modeling Social Signals during the COVID-19 Pandemic

We present and begin to explore a collection of social data that represe...

Methodology proposal for proactive detection of network anomalies in e-learning system during the COVID-19 scenario

In specific conditions and crisis situations such as the pandemic of cor...

Characterizing collective physical distancing in the U.S. during the first nine months of the COVID-19 pandemic

The COVID-19 pandemic offers an unprecedented natural experiment providi...

The COVID-19 online shadow economy

The COVID-19 pandemic has reshaped the demand for goods and services wor...

On Blowback Traffic on the Internet

This paper considers the phenomenon where a single probe to a target gen...

Please sign up or login with your details

Forgot password? Click here to reset