As job losses grow due to the coronavirus pandemic, cybercriminals are taking advantage of the situation to recruit individuals into money mule scams. Below are two examples that reference work-from-home opportunities.
We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic.
The first example directly addresses whether the recipient has lost their job due to the pandemic. The message is vague, mentioning only payment and that the victim must reply to the email to learn additional details.
Usually with these types of scams, if the victim accepts the job offer, they will be required by their fake employer to deliver on a series of menial errands. At some point, after the cyber criminal has ideally established trust and credibility, the victim will be given the task of moving funds that, unbeknownst to them, are stolen.
Sender’s Address: email@example.com
The second example targets a global financial institution with an offer of part time work. The sender states that the role could include both stay-at-home tasks as well as outside errands. Similar to the first email, the recipient must reply to the email to get more information.
Senders Address: firstname.lastname@example.org
Threat actors looking to conduct illicit financial transactions are using these fake employment opportunities to prey on individuals affected by COVID-19. While the tactics in these examples are not new, government agencies are warning that we may see an increase in these types of attacks due to the virus.
For more intelligence on COVID-19 threats, see our ongoing coverage.