In the first half of 2020, phishing emails gained popularity among cyber fraudsters. Such conclusions were made by analysts of the Group-IB company.
According to the study, attackers in the context of the coronavirus pandemic began to use malicious mailings twice as often in order to get user data to access various popular Internet services.
One in three malicious emails sent by fraudsters contained spyware that steals paid data or other important information in order to sell it on the Darknet or blackmail the owner.
One of the most popular ways to get personal data of victims through mailing lists is Troyan-Downloader, which, after getting onto a computer through a letter, download other malicious software.
According to experts, the list of malicious software in demand among fraudsters is headed by the banking Trojan RTM, which intercepts data on account details and takes screenshots. The second place is taken by the spyware Loki PWS, which steals usernames and passwords, and closes the top three Formbook backdoor.
Analysts consider the increase in phishing mailings to be expected, as the popularity of Internet services has grown on self-isolation.
Recall that this trend was confirmed by a study by Trend Micro Incorporated. So, according to experts, in the first half of 2020, almost 9 million attacks related to COVID-19 were recorded. These include email messages, links, and malicious files that mention the coronavirus. The growing ransomware family includes 68 new types of malware, and the main targets are government organizations, healthcare, and manufacturing.