In the case of anxiety, CBD is the go-to solution for millions around the world. However, with hackers exploiting the CBD trend, it has encouraged a new form of scam that causes people a bit of stress.
Vade Secure identified CBD phishing scams in three different languages, each with remote images, delayed links, randomized URLs, and a content activation approach to avoid threat detection. Over the last few months, Vade Secure found thousands of phishing messages targeting people who use Microsoft 365 in France and the US.
Phishing scams about CBD may not be new but have been gaining momentum in the recent past. At the start of the coronavirus pandemic, email scammers delivered mass coronavirus-related messages to US people. One of those text messages concerned the promotion of cannabidiol oil in the form of a prospective coronavirus disease cure. There were fake reward offers in those kinds of emails. A year afterward, Vade Secure uncovered a million phishing messages related to fake Pfizer and Moderna vaccine surveys.
In November 2021, scammers wrongly made broadcaster Sir David Frederick Attenborough appear a proponent of cannabidiol oil on social media. This kind of image-building shows that hackers are paying much attention to cannabidiol, often using it as a clickbait item.
The latest scams indicate that scammers keep preying on people’s fears and delivering false information to lure them into clicking dangerous hyperlinks or downloading malware. This set of attacks is sinister because many use cannabis derivatives as alternative medications as well as turn to those products for chronic pain and other long-term health issues.
The emails target people personally, but these messages are delivered to users of Microsoft 365, affecting people working in environments in which stress is prevalent. Entrepreneurs must blend solid safeguards against phishing emails with user training programs. That said, it is potentially challenging for business owners to deal with phishing with cannabidiol content.
What does all the above mean for phishing attacks in the future? For one thing, we can anticipate seeing phishing attack messages plague user email inboxes, exploiting people’s emotions about cannabidiol for monetary and personal gains. Phishing awareness programs may be common in good organizations, but generic phishing simulation practices are not quite a solution to keep workers from clicking those emails. Remember, it takes just a thoughtless click for cybercriminals to access your network and damage your data, whether or not the attack pertains to CBD.