Building a phishing campaign using the government's response to the coronavirus as bait became a little easier with the release of COVID-19-themed credential phishing website templates that have hit the malicious markets.
The templates make it simple for criminals to quickly create high-quality, malicious Web domains that mimic key government agencies and non-government organizations involved in fighting COVID-19. In most cases, the look-alike website is a trap for credential mining, capturing information that can be used for identity theft, financial fraud, and enterprise system intrusion.
According to researchers at Proofpoint, who published the news, more than 300 different COVID-19 campaigns have been found since January. And the criminal efforts are truly international: While these efforts are primarily in English, the researchers have also seen campaigns in Japanese, Spanish, Italian, French, Portuguese, Turkish, and other languages.
Read more here.