Rampant inflation is driving an increase in email-based threats – both as threat actors feeling the pinch find it harder to pay their bills and as desperate recipients experiencing financial hardships of their own fall prey to their tactics. Learn what to watch for to protect yourself from these “too-good-to-be-true” schemes.

With inflation soaring to all-time highs worldwide, everyone seems to be dealing with the effects and finding themselves needing a little more money to cover gas, rent, groceries, and bills. Despite wage increases, earnings have not gone up fast enough to keep pace with inflation. So, what happens in the cyber world when a critical world event is occurring? Threat actors are opportunistically setting their traps to take advantage of needy and unwitting victims.

GoSecure analysts have seen a surge in the number of these, easy money scams with the biggest difference between these and other text-based scams being that they no longer seem to have to involve a large sum of money to grab the victim’s attention. Analysts have seen numbers as low as $300 a week being effective in drawing in targets.

Let’s set the stage: The victim is in a “not enough money to make ends meet job” and they receive an email like this from a co-worker or classmate:

 
Screenshot of an email from the World Health Organization

Attached is a letter explaining the work which appears to be on WHO letterhead:

Hello,

 

I am Dianne Arnold, Director and Clinical Counselor of Supply Division of World Health Organization (WHO).

 

I provide individual and group therapy, coaching, assessment, and academic screenings to support Students and educational workers with disabilities (Physical, Chronic, Psychiatric, & Invisible) registered with World Health Organization (WHO). A large percentage of the students and adult educational workers served by the mental health unit have p­­sychiatric disabilities or co-morbid psychiatric disabilities and need mental health support to be successful at the educational institutions.

 

In addition, many University Students with academic difficulties and no prior diagnosis are seen and assessed through the academic screening and assessment process. I also am the director of supervision, training and coordination of counseling psychology and clinical psychology graduate students in the United States who have practicums at World Health Organization (WHO) and APA-accredited school psychology pre-doctoral interns.

 

Since the start of the COVID-19 outbreak, World Health Organization (WHO) has been delivering health supplies to many University Students and adult educational workers with academic difficulties to help in their response to the pandemic. You have received this email because you have an offer to work with me in your university as a temporary personal assistant to help deliver essential products and services to Students and educational workers with disabilities.

 

This is a very easy job. You will only help me purchase some Items online when needed and drop-ship to the assigned Student or educational worker with disabilities. This employment only takes about 1-2 hours per day and 3 times a week with a weekly pay of $500.00.

 

I am unable to call you for an interview because I am currently away in Singapore, and helping the disabled students in the Asia-Pacific region. You will be paid weekly for all tasks done on my behalf. As soon as I got back from my trip, we will discuss the possibility of making this job a long-term employment.

 

My arrival in the States is scheduled for Monday, August 22 2022.

 

To confirm your interest, kindly email me with your Full Name | Age | Address | your Yahoo, Gmail or Hotmail Email Address and your mobile number to my work email dianne.arnold@worldhealthcareers.org

 

I will send you more details on the job description, your duties and responsibilities as soon as I receive from you.

 

Sincerely,

 

Dianne Arnold
Director, Supply Division
dianne.arnold@worldhealthcareers.org

 
These types of fake employment scams can motivate the victim across many levels:

  • Immediate, sometimes desperate need for extra income
  • Appearing to come from World Health Organization (WHO), an organization which became well known during the Covid-19 pandemic
  • Tugging at heartstrings by indicating the position will be helping disabled students or educational workers
  • Appearing to be very easy to get started. Initially, there is no need to fill out a long form (YET!) nor do they ask for any personal information (YET!)

One might be inclined to be more confident in the offer if they received this from a colleague, classmate or maybe a friend, and additionally that the sender wouldn’t share it with me unless they’d already investigated it.

THINK AGAIN! Threat actors leak 5.5M email addresses a day and are experts at spoofing, concealing the actual sending, making targets believe it was sent from a trusted source. It is always considered best practice when it comes to any request involving money or personal information to contact the sender by means other than email to confirm that the email request is legitimate.

 
Things to look for which indicate potential threats:

  • Domain names that are unfamiliar, overly long or complex, or that do not match those of the organization being referenced, such as worldhealthcareers.org which isn’t the WHO.
  • The job offer seems too good to be true, 1-2 hours a day, 3 times a week. So, in theory, if this was a legitimate job, a person would make between $83 and $166 an hour. It may seem like a great offer, but it is 100% fake.
  • Does the language, grammar or spelling within the email or any attachment being sent or included seem off?
  • Does the Reply To address match the from address?

GoSecure IDR routinely checks similar emails for these and other indicators that might call the legitimacy into questions, detecting threats before they become a problem. Industry leading technology along with expert human analysis adds a layer of security that protects you, your colleagues and your company from email borne threats.

 
Top Threat Subject Lines (look for variations):

  1. Free Piano Giveaway
  2. Memo From HR
  3. Email Portal Login
  4. You have a new voicemail
  5. You’ve received a document for signature
  6. Documents shared via Teams
  7. Payroll Statement
  8. UPS Pending Delivery
  9. I need help
  10. Please Read – Important from HR

 
Top Threats Blocked:

  1. Credentials Phish – Attached .html or link to a login page
  2. Password protected attached Zip – Password is included in body of email. Zip file may contain .exe, .img or similar type files
  3. BEC Phish – Email that appears to come from a superior in the need of help. The Sent-From email may be compromised or spoofed
  4. Malware Link – This could come in the form of a waiting document or a work-related document. It can also be seen as a business contact sending a request for a quote or business proposal.
  5. Funds Phish – This could come in many forms such as a package held in customs or a sum of money that is unclaimed.

GoSecure Titan® Managed Extended Detection & Response (MXDR)​

GoSecure Titan® Managed Extended Detection & Response (MXDR)​ Foundation

GoSecure Titan® Vulnerability Management as a Service (VMaaS)

GoSecure Titan® Managed Security Information & Event Monitoring (Managed SIEM)

GoSecure Titan® Managed Perimeter Defense​ (MPD)

GoSecure Titan® Inbox Detection and Response (IDR)

GoSecure Titan® Secure Email Gateway (SEG)

GoSecure Titan® Threat Modeler

GoSecure Titan® Identity

GoSecure Titan® Platform

GoSecure Professional Security Services

Incident Response Services

Security Maturity Assessment

Privacy Services

PCI DSS Services

Penetration Testing Services​

Security Operations

MicrosoftLogo

GoSecure MXDR for Microsoft

Comprehensive visibility and response within your Microsoft security environment

USE CASES

Cyber Risks

Risk-Based Security Measures

Sensitive Data Security

Safeguard sensitive information

Private Equity Firms

Make informed decisions

Cybersecurity Compliance

Fulfill regulatory obligations

Cyber Insurance

A valuable risk management strategy

Ransomware

Combat ransomware with innovative security

Zero-Day Attacks

Halt zero-day exploits with advanced protection

Consolidate, Evolve & Thrive

Get ahead and win the race with the GoSecure Titan® Platform

24/7 MXDR FOUNDATION

GoSecure Titan® Endpoint Detection and Response (EDR)

GoSecure Titan® Next Generation Antivirus (NGAV)

GoSecure Titan® Security Information & Event Monitoring (SIEM)

GoSecure Titan® Inbox Detection and Reponse (IDR)

GoSecure Titan® Intelligence

OUR SOC

Proactive Defense, 24/7

ABOUT GOSECURE

GoSecure is a recognized cybersecurity leader and innovator, pioneering the integration of endpoint, network, and email threat detection into a single Managed Extended Detection and Response (MXDR) service. For over 20 years, GoSecure has been helping customers better understand their security gaps and improve their organizational risk and security maturity through MXDR and Professional Services solutions delivered by one of the most trusted and skilled teams in the industry.

EVENT CALENDAR

No upcoming events.

LATEST PRESS RELEASE

SECURITY ADVISORIES

 24/7 Emergency – (888)-287-5858