Application security, Threat Management, Malware, Phishing, Ransomware

FBI warns of COVID-19 phishing scams promising stimulus checks, vaccines

The FBI's Internet Crime Complaint Center (IC3) has issued a public service announcement warning citizens to watch out for email-based fraud and malware schemes that take advantage of the coronavirus pandemic.

Among the scams to look out for are emails purporting to contain helpful information from the Centers for Disease Control and Prevention (CDC) and other medical sources, and phishing emails that ask recipients to provide their personal information in order to supposedly receive an economic stimulus check.

"While talk of economic stimulus checks has been in the news cycle, government agencies are not sending unsolicited emails seeking your private information in order to send you money," states the announcement, which also says to look out for phishing schemes related to charitable contributions, financial relief, airline refunds, and fake vaccines, cures and testing kits.

Case in point: the actors behind the Netwalker/Mailto ransomware have recently launched a phishing campaign with coronavirus-themed content as part of a ruse to lure in and infect victims, according to a new report in BleepingComputer, citing the MalwareHunterTeam.

Reportedly, the malicious encryption campaign leverages the attachment "CORONAVIRUS_COVID-19.vbs," which contains an embedded executable, along with obfuscated for extraction and launch. Victims receive a TXT file ransom note that includes instructions for paying on a Tor site.

The Toll Group and the Champaign Urbana Public Health District (CHUPD) in Illinois are two recent, prominent victims of Netwalker.

Emails attempting to sell counterfeit goods and medical supplies are another problem, the IC3 warned as well.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.
Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

You can skip this ad in 5 seconds