top of page
  • Admin

In Shadow Of Coronavirus: Phishing Campaign Uses Job Hunting As Foil

Published: July 21, 2021 on our newsletter Security Fraud News & Alerts Newsletter.

At a time when most are anxious for life to get back to “normal,” returning to work is a big part of making that happen. While the number of coronavirus cases continues to go down in some areas and surge in others, there’s another escalation going on and its name is cybercrime. The level of hacks reported last month hit its own peak with a 16% increase compared to March and April of this year. That’s more than 158,000 coronavirus-themed attacks per week last month, according to Check Point Software Technologies. To no one’s surprise, cybercriminals continue to ramp-up malware attacks targeting the unemployed and those waiting for government relief payments.

Check Point’s findings reinforce that unemployment levels not seen since the Great Depression leads to the jobless being targeted by heartless scams and scammers. Phishing and malware attacks are up, with the company reporting a jump of 250 new domains registered using the word “unemployment.” Of these domains, 7% were malicious and another 9% were suspicious. These numbers aren’t good for anyone but cybercriminals.

Check Point finds a new email phishing campaign using malicious medical leave forms and resumés are spreading banking Trojans and information stealers like, well, only a virus can. With so many working from home during the pandemic, an infected employee-owned device used for work can catch even bigger phish as hackers make their way up the company food-chain. When the phishing email is opened, recipients are asked to enable the content of an attached file. Opening the attachment allows a malicious macro to run, infecting the device and allowing fraudulent financial transactions to take place. Macros provide an easy way for bad actors to record login data, passwords, financial account numbers, and anything else typed on a keyboard.

While this latest phishing campaign goes on, users, especially those working from home, are reminded their anti-phishing antennae should always be set on high. For starters, never enable a macro attachment and make sure they are disabled by default on a device. Always look for phishing red flags like suspicious or unknown senders, generic greetings, bad grammar, and typos. Subject lines or statements that require an immediate response should be deleted immediately. Never click on email links unless you’re 100% sure it’s legitimately from a friend or co-worker and is safe to click. Even messages from those you know can be dangerous, but don’t click from unknown senders or if you are not expecting a link or attachment.

All of this is a reminder during this time to always keep your “cybercrime mask” on to help keep a cyber-virus from taking root.

Want to schedule a conversation? Please email us at

bottom of page