Throughout the pandemic, cyber criminals have been exploiting people’s uncertainty to conduct a variety of attacks, and although we are (hopefully) reaching the end of this turmoil, attackers remain as prolific as ever.
That was demonstrated again this month when researchers at Bitdefender revealed an ongoing scam that used COVID-19 messaging in an attempt to trick DocuSign and SharePoint users.
One of the scams purportedly asked the recipient to review a COVID-19 relief fund that had been approved by the board of directors.
The objective of the scam was to get victims to follow a link, which directed them to a mock-up of a login screen. If the recipient entered their login details, the attacker would be able to compromise the account and access sensitive data or send malicious emails.
Although the attack originated in the US, a significant proportion of the emails ended up targeting European organisations.
Ireland was the most frequently targeted, receiving 26% of the emails identified by Bitdefender. Meanwhile, Sweden received 12%, Denmark received 5% and Finland and the UK also saw instances of the scam.
This isn’t the first time DocuSign and SharePoint have been targeted in COVID-19 scams. They are among the most popular file sharing services worldwide, so it’s no surprise that cyber criminals would use them as lures.
Just last month SharePoint users were warned about targeted phishing attacks that claim users must urgently provide a signature on a document.
The researchers at Cofense who discovered the scam said it could be particularly dangerous given how many people are working remotely and rely on SharePoint.
Moreover, the link itself looks realistic, and could catch out anyone who isn’t familiar with the signs of a phishing email.
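As an added example (not code from the Bitdefender or Cofense research, nor from IT Governance), the Python check below applies two of the link clues described here to a constructed HTML email body: the visible URL text pointing at a different domain than the real href, and a brand name used inside a host whose registrable domain is not the brand's. The legitimate-domain list, the brand list and the sample email are assumptions made for the example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed list of legitimate registrable domains for the brands used as lures.
LEGIT_DOMAINS = {"docusign.com", "docusign.net", "sharepoint.com", "microsoft.com"}
BRANDS = ("docusign", "sharepoint")

class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registrable_domain(host):
    """Crude registrable domain (last two labels); ignores multi-label public suffixes."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()

def link_findings(html):
    """Return (href, reason) pairs for links showing the lure indicators above."""
    parser = _LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = urlparse(href).hostname or ""
        dom = registrable_domain(host)
        # Clue 1: the text shows one URL but the link actually goes to another domain.
        shown = re.search(r"https?://([^/\s]+)", text)
        if shown and registrable_domain(shown.group(1)) != dom:
            findings.append((href, f"shown {shown.group(1)} but links to {host}"))
        # Clue 2: brand name in the host, but the registrable domain is not the brand's.
        if any(b in host.lower() for b in BRANDS) and dom not in LEGIT_DOMAINS:
            findings.append((href, f"brand lookalike host {host}"))
    return findings

# Constructed sample email modelled on the "relief fund" lure described above.
SAMPLE_EMAIL = """<p>The board has approved the COVID-19 relief fund. Please review:</p>
<a href="http://docusign-review.example.net/login">https://app.docusign.com/sign</a>
<a href="https://sharepoint.com.secure-files.example/view">View on SharePoint</a>
<a href="https://app.docusign.com/help">Help</a>"""
```

Running `link_findings(SAMPLE_EMAIL)` flags the first two links (the first twice, once per clue) and leaves the genuine help link alone.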
That’s why it’s essential for organisations to invest in staff awareness training to help them spot a phishing scam.
There will always be messages that slip through spam filters, and when that happens the only thing protecting your organisation is the recipient’s ability to respond appropriately.
If you’re concerned about your staff’s ability to do that, we recommend that you perform a simulated phishing attack.
This involves sending them a phony phishing email without a malicious payload, giving you the opportunity to see how many employees are fooled.
IT Governance currently offers a Coronavirus Phishing Attack Simulation that looks specifically at the ways scammers are exploiting the pandemic and the ways in which employees are most vulnerable.
Depending on the results of this assessment, you may decide that you need to provide a dedicated training course on identifying and responding to phishing scams.
With our Phishing Staff Awareness E-Learning Course, your employees will learn everything they need to stay safe.
The 45-minute course uses real-life examples to explain how phishing emails work, the clues to look for and the steps to take to avoid falling victim.