Beware of Scams in Connection with COVID-19

April 7, 2020

Scammers continue to devise numerous ways of defrauding people in connection with COVID-19. The SonicWall Capture Labs Threat Research team has come across the below scams in connection with COVID-19.

IRS economic impact payment scam: The Capture Labs Threat Research team discovered a malicious campaign that involves government relief payments. It claims to have come from the Internal Revenue Service (IRS) and requests the user to verify the account number in the attachment. But the attachment “Attached doc.iso” is actually a malicious iso file that drops a remote access trojan onto the user machine.

Bank payment relief notice scam: The team also found a phishing campaign that is targeted towards customers of Absa, an African based financial services group. It claims to be the notice of payment relief plan for COVID-19 but the attached document is an html file, which when launched takes the user to the phishing webpage of Absa internet bank.

Medical supply scam: The research team also found a campaign targeted towards the medical supply businesses. It requests the medical supplier to supply the products specified in the attachment but the attached document is not a pdf file, it is a malicious executable that belongs to the malware family Agensla, that steals credentials from the victim’s browser, FTP and email clients.

CDC Phishing Scam: Another phishing campaign, found by the SonicWall team, claims to have come from CDC, stating that it is closely monitoring the Intellectual property landscape while responding to the Covid-19 outbreak across the Asia-Pacific region.

The research team recommends to:

Be wary of unsolicited emails offering information, supplies, or treatment for COVID-19 or requesting your personal information for medical purposes.
Not click on links or open email attachments from unknown or unverified sources. Doing so could download a virus onto your computer or device.
Check the websites and email addresses offering information, products, or services related to COVID-19.
Be aware that scammers often employ addresses that differ only slightly from those belonging to the entities they are impersonating.
Visit the Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO) websites for updated information on COVID-19.

For the full report, visit SonicWall's Security Center.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 December

This month, Security magazine brings you the 2020 Guarding Report - a look at the ebbs and flows security officers and guarding companies have weathered in 2020, including protests, riots, the election, a pandemic and much more. Industry experts discuss access management and security challenges during COVID-19, GSOC complacency, the cybersecurity gap, end-of-year security career reflections and more!

View More Create Account

Beware of Scams in Connection with COVID-19

Related Articles

Related Products

Related Events

Report Abusive Comment