Security News > 2020 > April > Scammers exploiting stimulus payments with phishing attacks and malicious domains
Since January, more than 4,000 domains related to coronavirus stimulus packages have been registered, many of them malicious or suspicious, according to Check Point Research.
These attacks typically take the form of malicious apps, phishing emails, and phony websites.
In a report published on Monday, cyber threat intelligence provider Check Point Research details the rise of phishing attacks and websites that try to trap people seeking information on the stimulus.
Beyond the domains, phishing emails with malicious attachments related to the stimulus have also continued to increase.
Sent to specific individuals at targeted organizations, these emails direct users to a phishing login page to deliver the malicious payload. Overall, 94% of the coronavirus-related cyberattacks during the past two weeks were phishing attempts, while 3% were mobile attacks sent through malicious apps or conducted through malicious activity on a mobile device.
News URL
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- E-ZPass toll payment texts return in massive phishing wave (source)
- iOS devices face twice the phishing attacks of Android (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)
- Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation (source)