In an exclusive article, the Dutch IRS gave its perspective on the cyber threat landscape in the Netherlands. December is typically one of the busiest months of the year for cybercrime because of the holidays. So far this year, over 150,000 social engineering attempts have been reported. This is already over four times as many as attempts that were reported in 2019.
This corresponds with the reports received from another Dutch initiative against social engineering; the ‘Fraudehelpdesk’, an organization focused on helping victims of fraud. They have seen over 200,000 reported scams, and are expecting to see at least 100% growth compared to last year.
Tax season is still a popular time to send phishing emails. However, with COVID-19, cybercriminals have become bolder and are exploiting this by adding phrases such as ‘..because of Corona’ to their emails. This creates a sense of urgency in people to enhance the rate of success of the scams.
With COVID-19, people are working from home more often, making them more susceptible to phishing. Cybercriminals know this, and therefore send millions of phishing attempts through email, SMS , and WhatsApp. They often ask for small amounts of money, typically below 50 euros. Cybercriminals know most payment providers allow them to trade money into bitcoins anonymously below that amount, so they take advantage of that opportunity.
And although the Dutch IRS is increasingly effective at preventing phishing campaigns, it remains a game of cat and mouse. Because these scams keep evolving, and people keep falling for cybercriminals' tricks, it is now more important than ever to educate your users on how to detect and prevent social engineering attacks with new-school security awareness training.
You can read the full article, in Dutch, here.