Beware of Scams in Connection with COVID-19

April 7, 2020

Scammers continue to devise numerous ways of defrauding people in connection with COVID-19. The SonicWall Capture Labs Threat Research team has come across the below scams in connection with COVID-19.

IRS economic impact payment scam: The Capture Labs Threat Research team discovered a malicious campaign that involves government relief payments. It claims to have come from the Internal Revenue Service (IRS) and requests the user to verify the account number in the attachment. But the attachment “Attached doc.iso” is actually a malicious iso file that drops a remote access trojan onto the user machine.

Bank payment relief notice scam: The team also found a phishing campaign that is targeted towards customers of Absa, an African based financial services group. It claims to be the notice of payment relief plan for COVID-19 but the attached document is an html file, which when launched takes the user to the phishing webpage of Absa internet bank.

Medical supply scam: The research team also found a campaign targeted towards the medical supply businesses. It requests the medical supplier to supply the products specified in the attachment but the attached document is not a pdf file, it is a malicious executable that belongs to the malware family Agensla, that steals credentials from the victim’s browser, FTP and email clients.

CDC Phishing Scam: Another phishing campaign, found by the SonicWall team, claims to have come from CDC, stating that it is closely monitoring the Intellectual property landscape while responding to the Covid-19 outbreak across the Asia-Pacific region.

The research team recommends to:

Be wary of unsolicited emails offering information, supplies, or treatment for COVID-19 or requesting your personal information for medical purposes.
Not click on links or open email attachments from unknown or unverified sources. Doing so could download a virus onto your computer or device.
Check the websites and email addresses offering information, products, or services related to COVID-19.
Be aware that scammers often employ addresses that differ only slightly from those belonging to the entities they are impersonating.
Visit the Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO) websites for updated information on COVID-19.

For the full report, visit SonicWall's Security Center.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

Join our subject matter experts as they explore how the right systems can help identify, analyze and report potential incidents and help building owners sustain compliance and create safer spaces.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

Beware of Scams in Connection with COVID-19

Related Articles

Related Products

Related Events

Report Abusive Comment