Fake COVID-19 Credit Union Profiles Popping Up on Instagram

The PhishLabs team revealed to Security Boulevard that digital fraudsters are impersonating credit unions on Instagram. To pull this off, malicious actors began creating fake profiles that contain financial institutions' names, logos and links to their websites along with mentions of COVID-19. They then started using those accounts to DM followers and to inform them that they had been selected for a cash prize.
Work-from-Home Offers Used to Conceal Money Mule Scams

That wasn't the only piece of research from PhishLabs this past week. In a blog post published on the security firm's website, researchers revealed that they had come across attack emails from a spray-and-pray campaign that had attempted to entice people laid off as a result of the pandemic with work-from-home opportunities. One email offered recipients as much as $5,000 a week for a fabricated position.
Remcos Engaging in All Kinds of Coronavirus-Themed Attacks

Microsoft Security Intelligence took to Twitter to announce that digital attackers had been using numerous attack campaigns with COVID-19 lures to distribute Remcos RAT. In one example, researchers revealed that malicious actors had impersonated the Center for Disease Prevention and Control (CDC) Health Alert Network to target South Korean manufacturing firms. These emails claimed to offer recipients updates about "safety measures and existing cases in [their] city," but in reality, they leveraged a .ISO file to drop Remcos as their payload.

https://twitter.com/MsftSecIntel/status/1257324139515269121

In another campaign, digital attackers impersonated the American Institute of CPAs and claimed to be delivering "COVID-19 related updates" to its members. Those emails arrived with a .ZIP archive that delivered the trojan.
Medical Suppliers Targeted by Agent Tesla Operations

Researchers at FortiGuard Labs came across an attack campaign that targeted a medical device supplier. Those responsible for the operation claimed that they had tried calling earlier about purchasing a "quite bulky list of pharmaceuticals and medical devices" for the purpose of assisting with the COVID-19 response. They said that no one had picked up the phone, so they indicated that they had sent over an attachment allegedly containing information about their company.
Fake IRS Pages Designed to Help Steal Users' Stimulus Checks

In the last ploy of our week, researchers at SecureWorks witnessed nefarious individuals targeting users with phishing pages designed to look like tax forms employed by the U.S. Internal Revenue Service.