How the pandemic made phishing worse

Have you received an unsolicited text message lately – perhaps asking you to click on a link to check your voicemail, or to receive a parcel?

Often, but not always, filled with spelling mistakes and enticing offers, these scams try to lure unsuspecting people into giving something up – usually money or sensitive information.

Phishing has been an issue for decades, but the pandemic has made the situation even worse. According to the Anti-Phishing Working Group, phishing numbers doubled globally in 2020.

In Australia, we lost over $851 million to scams in 2020 – a record amount, as scammers took advantage of the pandemic to con unsuspecting people.

Phishers are using the fact that many of us are shopping online (“you have a parcel waiting for you”), have vaccines on our minds (“click here to mail order Pfizer”), or are feeling financially vulnerable (“a refund from the tax office awaits you”) to con people.

Others are using COVID as an excuse to ask for their ‘customers’ to update their personal details, before stealing that sensitive information. Businesses are being targeted by scammers impersonating their suppliers, at a time when many are focused on just trying to stay open.

Email used to be the main method of reaching victims – but with the proliferation of smartphones, mobile app and SMS-based phishing and scams are now more common.

So what can you do?

To protect yourself, it’s vital that you don’t click on links, even if they appear to come from a trusted source. Never respond to unsolicited messages and calls that ask for personal or financial details – just press delete or hang up.

Never provide a stranger remote access to your computer, even if they claim to be from a telco such as Telstra or the NBN. And share information about scams when connecting with your friends, family and colleagues.

It’s so important that we educate people on this issue. La Trobe University and seven industry partners are engaging with high school students on cyber security concepts – as well as providing exciting new micro-credentialled learning and work placements to develop Australia’s cybersecurity workforce.

My team is also developing new technology to keep people safe – like a proactive phishing detection mechanism using machine learning.

So the next time you receive a message from an unknown number, be cautious. We all need to protect ourselves, and help keep everyone in our community ahead of the next cyber-attack.

Dr Jabed Chowdhury is a lecturer in cybersecurity at La Trobe University.

This article first appeared in Australian Community Media.