Security News > 2020 > April > Coronavirus ‘Financial Relief’ Phishing Attacks Spike

Researchers are warning of an upward surge in social-engineering lures in malicious emails that promise victims financial relief during the coronavirus pandemic.
This latest trend shows cybercriminals continuing to look to the newest developments in the coronavirus saga as leverage for phishing campaigns, targeted emails spreading malware and more.
The message asks recipients to verify their email accounts through a malicious link that directs them to a phishing page.
Researchers pointed to similar phishing campaigns in Australia and the U.K. In Australia, a campaign was discovered using emails claiming to be from a major Australian newspaper and using the subject line, "Government announces increased tax benefits in response to the coronavirus." These email messages contain a PDF attachment with an embedded URL that leads to a phishing page, where victims are asked to input their Microsoft OneDrive credentials.
These emails, sent with a subject line of "COVID 19 : Relief Compensation," tells recipients they have been "Randomly selected to be compensated financially due to the outbreak of the COVID-19 Epidemic outbreak" and asks them to learn more by clicking on an fake Microsoft Excel-branded attachment that gathers emails and passwords.
News URL
https://threatpost.com/coronavirus-financial-relief-phishing-spike/154358/
Related news
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- How financial institutions can minimize their attack surface (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)