Most Dangerous Phishing E-mails and Texts Cyber Thieves Sent in Q1 2022

Staff Report

Tuesday, April 19th, 2022

Research by Atlanta-based cyber security employee engagement firm Aware Force shows cyber crooks were devious in the first three months of 2022 in their attempts to dupe people into giving them money and personal information. Here are seven of the year’s most common phishing emails, so far:

Fake streaming links: Cybercrooks sent emails offering paid links to stream the new Spiderman movie, “No Way Home,” which was only playing in theaters. “When purchasers provided their credit card or bank account information, money was debited from their account, but, of course, the streaming link didn’t work,” reports Richard Warner, founder and CEO of Aware Force, which specializes in engaging its clients’ employees in cyber security awareness.

Misdirected password updates: Cyber thieves targeted Twitter users by sending fake emails urging them to “update” their account details or risk losing their verified status. The emails were aimed at collecting login credentials and multi-factor authentication codes.

Scammers taking over computers: There was a resurgence of phishing emails claiming users' computers had been compromised with viruses. Emails instructed users to call a phone number, where technicians took control of a victim’s computer and “fixed” the problem.

Fake email claiming to be from a reliable company: A phish appeared to come from Disney+ / ESPN / ABC, warning of suspicious activity on users’ accounts. Recipients were instructed to click on a button to reset their passwords, but scammers collected usernames and passwords that could have been used on other sites.

Dangerous Flash drives: Cyber thieves sent USB drives through the mail, claiming that the drives contained a $100 Best Buy or Amazon gift card for users to print and redeem. Malware was installed on computers if recipients plugged in the drive.

QR code fraud: scammers used fake QR codes on realistic-looking parking tickets, sending victims to genuine-looking webpages. Crooks pocketed the payments.

And the most common fake email the Aware Force cybersecurity team found during Q1: “The most common phishing emails this past winter involved requests for contributions for victims in Ukraine. Money never made it beyond the fraudsters who sent the emails,” said Warner.