The PhishLabs Blog

With many U.S. citizens still waiting to receive their government-mandated stimulus, we are again seeing cyber criminals shift their tactics in accordance with the news cycle. Below is one example of a lure abusing access to an undeliverable stimulus payment. 

Cyber criminals are using coronavirus-themed voicemail notifications in the latest efforts to act on pandemic fears and steal credentials. The example below shows how they are doing it.

In recent efforts to deliver attacks that abuse the novel coronavirus, threat actors are exploiting workplace concerns about outbreak prevention and shipment delays. Below are two examples sent with the intent of delivering malware. 

In the past month, we have identified and documented the methods in which threat actors have exploited the novel coronavirus (COVID-19). As fear and uncertainty around the global pandemic continue to grow, threat actors are working in tandem to develop relevant malicious lures and cyber threats.

Cyber criminals are using the stimulus bill and relief payments to exploit growing concerns about financial security. The examples below are impersonating financial institutions. 

Threat actors are repurposing Nigerian Prince or 419 lures with novel coronavirus messaging to capitalize on the current pandemic. Today’s examples demonstrate how they are doing it.

Threat actors are exploiting employee concerns about infected colleagues. Our latest example targets Office 365 accounts at a large Canadian company by falsely claiming a colleague has died from the virus. 

The novel coronavirus is giving opportunistic threat actors new means of deploying malicious lures on unsuspecting targets. Today’s example shows the attacker leveraging the pandemic by offering guidance on how to avoid coronavirus scams. Unfortunately, it’s also a scam.

Threat actors continue using COVID-19 fears to exploit individuals on a variety of channels. Today we are taking a look at two new, related SMS lures. 

As COVID-19 continues to spread, we are seeing an increase in threat actors impersonating public health organizations and luring victims in with fake links to government agencies. The four examples below impersonate the Center for Disease Control and Prevention (CDC) and the World Health Organization (WHO) using lures we have recently observed.