New Scam Lures Victims With Promise Of Federal Assistance

December 7, 2020

Written by wukovits

If you’re a US citizen, scammers have found a new way to make money at your expense, using the global pandemic as a ‘hook.’ Since the start of the pandemic, there have been a number of campaigns designed and run by scammers to spread misinformation, steal vaccine research, and scam people out of money.

The latest variant on that sees the scammers sending out emails like baited hooks that appear to come from a wide range of US government agencies offering federal assistance.

Stripping away the details about the pandemic, these are classic phishing emails designed to collect a wealth of personal data that the scammers can use to help identify user names and passwords that could be used in credential stuffing attacks later on.

A typical email in this campaign will claim that the recipient may be entitled to thousands of dollars of pandemic relief assistance, and provide a link in the body of the email to “verify your eligibility.”

Naturally, if an unsuspecting user clicks the link, instead of being taken to a page which will verify eligibility, he’ll be taken to a page containing capture boxes, and any information (name, address, social security number, income information, etc.) will be added to a growing database maintained by the scammers for use later.

A variant of the approach is to send potential victims a letter informing them that their pandemic relief payments have been temporarily suspended “due to suspicious activity” and include an embedded link. The link will give them the opportunity to have their payments restarted. Content differences aside, the page at the other end of the link works in exactly the same way as our first example.

It doesn’t get much lower than this, but one thing we’ve come to understand is that hackers and scammers will stoop to just about any low. Most of us know someone who’s out of work because of the pandemic. Make sure they’re aware of these kinds of operations. If we work together, we can minimize the impact of these types of campaigns.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon