News

Majority of COVID phishing attacks coming from US IP addresses

An anti-phishing firm discovered that most of the malicious coronavirus emails were coming from the United States.

COVID-19 phishing emails have been bombarding inboxes since the virus began to spread in December and January. Cybercriminals have tried to push all kinds of scams to the masses using coronavirus-related topics, headers and organizations to get people to open malicious emails, files, or links. 
 
Complaints about phishing attacks have tripled since the concerns about COVID-19 became widespread, according to the FBI's Internet Crime Complaint Center.
 
Cybersecurity company INKY pored through the months of coronavirus-themed phishing emails and compiled a report on where most of them were coming from, finding that the majority of IP addresses found in email headers originated from the United States. 
 
Dave Baggett, CEO of INKY, acknowledged that these IP addresses might be easily spoofed by more skilled attackers but explained that there were a number of reasons most attackers would be in the US. 
 
"The majority of our users are American. Phishers prefer to target victims within their own geography because it's easier to research and impersonate since it's the same culture and language," he said in an email interview, adding that non-American attackers may also want to spoof a US origin to evade geographical filters.

Read full article.

Topics: