Keep Calm. Don’t Click.

Whenever there’s a major disaster, phishing emails follow. Phishers play on human emotions like fear and urgency, which today are spreading as fast as the Coronavirus itself. Themed Coronavirus phishing emails can simply ask the recipient to download an attachment or click a link to view the latest statistics on Covid-19. Accurate information can protect your users and organization from current and future Coronavirus phishing threats.

How to Find a Coronavirus Phishing Email

Coronavirus Phishing Infographic

 Download our infographic to share the 5 signs of a Coronavirus phish, plus check our blog and news feed on Coronavirus misinformation.  To view our repository of Coronavirus Phishing Yara Rules, visit our GitHub.

For authoritative information on the Coronavirus, visit the World Health Organization and the Centers for Disease Control.

Cofense recommends organizations avoid using these themes in phishing simulation campaigns. Security Awareness teams and incident responders should instead focus on communicating what to look for in phishing emails, as well as basic security measures while working from home.

Helpful Coronavirus Phishing Resources

Coronavirus Phishing Email Examples That Evaded Secure Email Gateways

Reported by Cofense End Users and Automatically Analyzed and Quarantined by Cofense Triage and Vision.

Coronavirus Phishing Yara Rules

Cofense is sharing these Yara rules publicly, for all. These rules consist of major and actionable indicators and keywords that Cofense has identified for phishing emails and related malware that are leveraging the Coronavirus or Covid-19 theme in phishing attacks. This data comes from Cofense’s Intelligence team, proprietary data collection sources, and the Cofense Phishing Defense Center.

Cofense Triage and Cofense Intelligence customers already have access to these rules. We will update the rules frequently to reflect changes in the phishing landscape.

Coronavirus Phishing Emails in the News

Top Email Protections Fail in Latest COVID-19 Phishing Campaign

Scammers Are Taking Advantage of Fears Surrounding Coronavirus

Beware of Criminals Pretending to be the World Health Organization

Coronavirus: How Hackers are Preying on Fears of Covid-19

Hackers are Now Using Coronavirus Lures to Infect Their Targets

Hackers are Trading on Coronavirus Fears with Phishing Email Scams

More Helpful Resources to Promote Phishing Awareness

Remote Working Resources

With many people now remote working, phishing threats are targeting workers and preying on unfamiliar routines, technology learning curves, and distracted employees. Covid-19 phishing emails are out there, bypassing technical safeguards and leveraging human vulnerabilities to infect your network.

Download our infographic in your preferred language

Arabic

French

German

Japanese

Spanish