Security News > 2020 > March > Corporate Workers Warned of 'COVID-19 Payment' Emails Delivering Banking Trojan
IBM and FireEye have spotted a campaign that relies on fake "COVID-19 Payment" emails to deliver the Zeus Sphinx banking trojan to people in the United States, Canada and Australia.
The emails have the subject line "COVID-19 payment" and they carry malicious documents named "COVID 19 relief."
The emails seem to mainly target users in the US, Canada and Australia, and the targets in each of these countries have received slightly different emails.
The emails sent to Canadians say the payment was approved by Canada's prime minister, Justin Trudeau, and they claim the recipient can receive a check for 2,500 Canadian dollars if they fill out a form.
In addition to this campaign, FireEye has seen phishing emails titled "Internal Guidance for Businesses Grant and loans in response to respond to COVID-19" being sent to the employees of financial services organizations in the US. The files attached to these emails lead to a fake message from the US Small Business Administration, which takes victims to a phishing page designed to harvest Microsoft account credentials.