TY - GEN
T1 - Scam Pandemic
T2 - 2020 APWG Symposium on Electronic Crime Research, eCrime 2020
AU - Bitaab, Marzieh
AU - Cho, Haehyun
AU - Oest, Adam
AU - Zhang, Penghui
AU - Sun, Zhibo
AU - Pourmohamad, Rana
AU - Kim, Doowon
AU - Bao, Tiffany
AU - Wang, Ruoyu
AU - Shoshitaishvili, Yan
AU - Doupe, Adam
AU - Ahn, Gail Joon
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/11/16
Y1 - 2020/11/16
N2 - As the COVID-19 pandemic started triggering widespread lockdowns across the globe, cybercriminals did not hesitate to take advantage of users' increased usage of the Internet and their reliance on it. In this paper, we carry out a comprehensive measurement study of online social engineering attacks in the early months of the pandemic. By collecting, synthesizing, and analyzing DNS records, TLS certificates, phishing URLs, phishing website source code, phishing emails, web traffic to phishing websites, news articles, and government announcements, we track trends of phishing activity between January and May 2020 and seek to understand the key implications of the underlying trends.We find that phishing attack traffic in March and April 2020 skyrocketed up to 220% of its pre-COVID-19 rate, far exceeding typical seasonal spikes. Attackers exploited victims' uncertainty and fear related to the pandemic through a variety of highly targeted scams, including emerging scam types against which current defenses are not sufficient as well as traditional phishing which outpaced the ecosystem's collective response.
AB - As the COVID-19 pandemic started triggering widespread lockdowns across the globe, cybercriminals did not hesitate to take advantage of users' increased usage of the Internet and their reliance on it. In this paper, we carry out a comprehensive measurement study of online social engineering attacks in the early months of the pandemic. By collecting, synthesizing, and analyzing DNS records, TLS certificates, phishing URLs, phishing website source code, phishing emails, web traffic to phishing websites, news articles, and government announcements, we track trends of phishing activity between January and May 2020 and seek to understand the key implications of the underlying trends.We find that phishing attack traffic in March and April 2020 skyrocketed up to 220% of its pre-COVID-19 rate, far exceeding typical seasonal spikes. Attackers exploited victims' uncertainty and fear related to the pandemic through a variety of highly targeted scams, including emerging scam types against which current defenses are not sufficient as well as traditional phishing which outpaced the ecosystem's collective response.
UR - http://www.scopus.com/inward/record.url?scp=85112011041&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85112011041&partnerID=8YFLogxK
U2 - 10.1109/eCrime51433.2020.9493260
DO - 10.1109/eCrime51433.2020.9493260
M3 - Conference contribution
AN - SCOPUS:85112011041
T3 - eCrime Researchers Summit, eCrime
BT - Proceedings of the 2020 APWG Symposium on Electronic Crime Research, eCrime 2020
PB - IEEE Computer Society
Y2 - 16 November 2020 through 19 November 2020
ER -