Recent Posts

Recent Blog Posts

The PhishLabs Blog

COVID-19 Phishing Update: Threat Actors Abusing Utility Concerns

Posted by Jessica Ellis on Apr 24, '20

In response to the financial difficulties resulting from COVID-19, many utilities have announced policy changes to suspend disconnects and provide relief to customers. As a result, many people are uncertain about what will happen should they be unable to pay their utility bills during the pandemic. As our latest example shows, this uncertainty is being exploited by threat actors. 


We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic.

utility company
In this example, the threat actor is exploiting the victim’s desire to know how their electric utility is responding to the coronavirus pandemic. The sender’s address powerandlightinc9999@{redacted}(dot)com is meant to add legitimacy to the lure by giving the impression that it’s coming from an electric utility. The subject and first heading mention coronavirus, but are vague. This tempts the recipient and forces them to click the link if they want more information. 


When the recipient clicks “Review Document” they are taken to a phishing page requesting Office 365 login credentials. 

ultility 0365 phish

URL: hXXps://squally-bridge(dot)000webhostapp(dot)com/v9/v9/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=1e66b90154664ea406d4dbfa3140cf40d6828d426e261fbfedae50390e0f4dd0f9c20ad2


There remains a significant number of utility companies who have been vague in their approach to this crisis. Cyber criminals mindful of end-of-month bills and financial anxieties are aware of the opportunity this poses and are taking advantage. 

For more intelligence on COVID-19 threats, see our ongoing coverage.

Topics: COVID-19

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all