The scammer arsenal of tricks and cons has received a bit of an update recently, as it’s not just covid scams set to land in your emails.
It’s not as if con-artists and cyber-criminals need a whole heap of inspiration for the type of cons and scams they plan to pull over us, but news and current affairs tends to be one of the main areas they look at, partially because it keeps them in the same mindset as the rest of us.
That could be why we saw many covid-related scams throughout the bulk of the pandemic, and while covid isn’t quite over yet, there are new things happening.
Tune into the news and you might have heard of monkeypox, and scammers sure have, with security company Mimecast picking up on a related scam targeted at businesses, though it could easily be adapted for anyone else. Much like how scams were taking advantage of the Ukraine invasion, so too has the scam cycle adapted to a new medical situation in the news cycle, as well.
While covid may have been the medical focus of many a scam recently, monkeypox in the headlines means scammers are looking to trick people with links to click amidst alarms, and while Mimecast has redacted individual information, the gist of the message below is still clear: click the link do complete mandatory monkeypox training.
The scam is yet another poorly written email focused on misinformation, with the word “Attenton” enough to make you think whole thing this hasn’t been thought out remarkably well. However, it’s simple enough to work, especially if users don’t check the email details carefully, taking care to see whether it was actually sent from the company, and not someone outside.
“Monkeypox is high on the news agenda so it comes as no surprise that cyber criminals are exploiting it,” said Tim Campbell, Head of Threat Intelligence Analysis at Mimecast.
“Cybercriminals [are] adjust their phishing campaigns to be as timely and relevant as possible, using traditional attack methods to exploit current events in an attempt to lure busy and distracted people to engage with links in emails, applications or texts,” he said.
“Now, they are using monkeypox as an opportunity to send phishing emails to company employees for ‘mandatory monkeypox awareness training’. As the phishing email is made to look like an internal company email, employees are at risk of clicking the link and entering their login details, which will then be stolen and used to access systems within the organisation and steal information.”
While invading business systems is likely the target, all it needs is a consumer angle, and you can see people falling for it, likely leading victims into a funnel of lies and detail transfers, which would end up seeing them download malware to you computer, while possibly handing details to someone else.
Unfortunately, this scam is yet another example of why it’s so important to check whether an email you’ve received is legit, specifically looking at the information up top, especially if the message is meant to raise alarm bells.