Recent Posts

Recent Blog Posts

The PhishLabs Blog

COVID-19 Phishing Update: Money Mule Scams Use Remote Opportunities to Entice Victims

Posted by Jessica Ellis on May 5, '20

As job losses grow due to the coronavirus pandemic, cybercriminals are taking advantage of the situation to recruit individuals into money mule scams. Below are two examples that reference work-from-home opportunities. 
 
We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic.

work from home job scam
 
The first example directly addresses whether the recipient has lost their job due to the pandemic. The message is vague, mentioning only payment and that the victim must reply to the email to learn additional details. 
 
Usually with these types of scams, if the victim accepts the job offer, they will be required by their fake employer to deliver on a series of menial errands. At some point, after the cyber criminal has ideally established trust and credibility, the victim will be given the task of moving funds that, unbeknownst to them, are stolen.  
 
Sender’s Address: shenyeh5@gmail.com
 
wells fargo work from home money mule

The second example targets a global financial institution with an offer of part time work. The sender states that the role could include both stay-at-home tasks as well as outside errands. Similar to the first email, the recipient must reply to the email to get more information. 
 
Senders Address: carterjonathan309@u14210585.wl086.sendgrid.net
 
Threat actors looking to conduct illicit financial transactions are using these fake employment opportunities to prey on individuals affected by COVID-19. While the tactics in these examples are not new, government agencies are warning that we may see an increase in these types of attacks due to the virus.

 For more intelligence on COVID-19 threats, see our ongoing coverage.

Topics: COVID-19

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all