Security News > 2020 > April > Coronavirus-themed phishing attacks aim to capture banking credentials
These emails claim to offer help on getting government funds but instead lead recipients to a web page that tries to capture their banking credentials.
A button on the site proclaims: "Get Economic Impact Payment Now." Clicking on that button triggers a dropdown menu with the names of well-known banks, such as Wells Fargo, Chase, Bank of America, and Citizens Bank.
Choosing your particular bank brings up a page with the bank's actual logo prompting you to enter your account username and password.
Behind the scenes, your banking credentials are now in the hands of the scammers.
The scammers used HTML and CSS in a professional way to design a convincing phishing site, according to INKY. The dropdown menu of the banks, the bank logos, and the bank login pages all look legitimate.
News URL
Related news
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- GoIssue phishing tool targets GitHub developer credentials (source)