Here are two phishing examples that show how low hackers will go.
Cybercriminals are trying to make money off the New Zealand mass shooting that killed dozens of people.
And hackers are using the Ethiopian Airlines crash that killed 157 people, and fears over the grounded Boeing 737 Max 8, in a phishing campaign.
Phishing on fears over Boeing's 737 Max 8 crash
The 360 Threat Intelligence Center shared the following 2019 phishing email hackers have been sending, with the subject line, "Airlines plane crash, Boeing 737 Max 8."
And according to @360TIC, the letter carries a cybersecurity busting payload:
Here is the Virus Total analysis of this phishing email's contents.
Cybercriminals trying to make money from mass shooting
And if a cyberattack built on the back of plane crash victims isn't low enough, how about trying to scam people who want to help victims of a mass shooting?
That's exactly what's happening following the New Zealand mosque shootings that killed at least 50 people in March 2019.
The world wants to help, and cybercriminals want to help themselves.
Cyber bad actors are spoofing Westpac, which is one of Australia’s four major banking organizations and one of the largest banks in New Zealand.
The email scam is asking for donations to help victims of the shooting, but a bank spokesperson told New Zealand's 1 News Now:
"These emails are NOT from Westpac and we advise anyone who receives one to forward it to email@example.com. If you hover over the link you'll see it goes to a scam site called
At last count, more than $5 million has been donated to a fund for New Zealand shooting victims, but it is unclear how much money the shooting email scam may have siphoned from that legitimate effort to help.
These are two excellent (and terrible) security awareness examples worth sharing with those you know or work with.
Because this is how low cybercriminals will go.