COVID-19 Archives - Abnormal Security

Subscribe to receive twice-monthly updates of the latest attacks we've detected in the wild:

Abnormal Attack Stories: Spoofed Zoom Attack

In this attack, attackers are impersonating a notification from Zoom in order to steal Microsoft Office 365 credentials of employees at organizations targeted for this attack.

Read more

Abnormal Attack Stories: COVID-19 Relief Phishing Through Dropbox Transfer

In this attack, attackers impersonate the government efforts to provide relief funds to small business owners in order to steal personal information.

Read more

Abnormal Attack Stories: VPN Impersonation Phishing

In this attack, attackers are impersonating a notification from the user’s organization regarding VPN configuration. However, the email link hosts a phishing website aiming to steal credentials of employees.

Read more

Abnormal Attack Stories: Vendor Impersonation Fraud

In this attack, the attacker is impersonating a known vendor in order to receive payment for a fraudulent invoice.

Read more

Abnormal Attack Stories: LogMeIn Phishing

In this attack, the attacker is impersonating the collaboration software provider, LogMeIn, in order to obtain the recipient’s credentials.

Read more

Abnormal Attack Stories: Navy Federal Credit Union Phishing

In this attack, attackers are impersonating the US Navy Federal Credit Union in order to steal victims’ associated credentials.

Read more

Abnormal Attack Stories: DocuSign Phishing

In this attack, attackers impersonate a notification from DocuSign in order to steal those credentials from employees.

Read more

Abnormal Attack Stories: Microsoft Teams Impersonation

Attackers have been impersonating notifications from Microsoft Teams in order to steal the credentials of employees. Recently, Microsoft Teams has seen one of the largest increases in users as a result of

Read more

Abnormal Attack Stories: IRS Impersonation

In this attack, attackers are impersonating the IRS claiming that they have the recipient’s financial stimulus check, but need the recipient to verify their records on a landing page that will steal

Read more

Abnormal Attack Stories: Paycheck Protection Program Credential Phishing Attack

In this attack, attackers are impersonating the a representative of the CARES Act claiming they need the recipient’s signature for Paycheck Protection Program documents. Clicking on the link for the mentioned file

Read more

Abnormal Attack Stories: Payroll Malware

In this attack, attackers are posing as outsourced HR contractor informing employees of additional stimulus being provided to them and asking recipients to view the latest Payroll Report. The link to the

Read more

Abnormal Attack Stories: Zoom Malware

In this attack, attackers are posing as external employees and asking recipients to schedule a Zoom meeting with them by checking their schedule in an attachment that almost certainly contains malware.

Read more