Mimecast, an email security specialist, warned of a scam related to the reimbursement of flights around the world in a context of online crime related to coronaviruses.
The scam itself is very simple and is based on current fears, some real, that the airlines are reluctant to give refunds customers who cannot fly due to the global shutdown of the coronavirus.
This works by offering a fake flight refund form by email. Targets are encouraged to enter their names and credit card details. However, instead of sending this information to an airline, personal and financial data is sent directly to criminals.
Mimecast said The register he had recovered some of the fraudulent emails from his routine surveillance.
“Because the media talks so much about flight cancellations and refunds, criminals have changed this kind of tactic for phishing emails,” said Kiri Addison, Mimecast's data manager for threat intelligence. and surveillance.
She described the form, warning of how the personal data entered could be misused: “They can see all the personal information: phone numbers, email addresses, credit card details , all they can use themselves, all they can sell in the dark … the canvas. [It's] tricks they can also use for future phishing attacks. ”
Topical email scams are a persistent threat, and the scammers behind them largely follow current affairs and current trends in the hope of luring innocent people to part with valuable personal data that can be used to ill-advised to extract money.
Email scams are as old as emails. A common lure is for crims pretending to be the tax authorities. It is also a lucrative “business”: a report last year estimated that fraudsters earned $ 300 million a month in 2018 just for Americans. Some scams are also quite sophisticated, including one spotted in 2017 that recovers old conversations by email from the folder of items sent by Gmail and crashes malware disguised as previously approved attachments to be fired.
Addison of Mimecast added: “If someone falls in love with a scam like this, they are a good target for future scams.” ®
Webcast: Build the Next Generation of Your Business in the Public Cloud