Phishing for Fraud

305
Russian hacker hacking the server in the dark

With millions of Americans teleworking to prevent the spread of coronavirus, cybersecurity is a huge issue. Government employees and others use virtual private networks to stay connected to their agencies and falling for a cybersecurity scam can infect the networks of whole organizations.

Knowing fraudsters’ penchant for preying on people’s vulnerabilities, it shouldn’t be surprising that they are using fear about the coronavirus to conduct online scams. A common one that is circulating is a phishing scam that looks like an email from the federal Centers for Disease Control and Prevention. The email says, “Distributed via the CDC Health Alert Network,” and it includes a Web link to see “an updated list of new cases around your city.” That link includes “cdc.gov.” But if you click – and please don’t – it opens to what looks like a Microsoft Outlook email page in the hopes that people will leave their contact information. The best clue that this is fraud is the sender’s email at the top of the page has “@cdc-gov.org” (Pay attention, people! Real government email addresses end in “.gov.”)

Another version of this scam (a dumber one) includes the same fake CDC information, but this one includes a request for money to fight the coronavirus: “Funding of the above project is quite a huge costs and we plead for your goodwill donation ….” The giveaway here, of course, is that a government agency never asks for donations (you donate by paying your taxes) and if it did, the language would be grammatically correct. (Not a very sophisticated fraudster on this one.)

Today’s Fraud of the Day comes from a KCRA News Channel 3, an NBC affiliate, report, “Coronavirus crooks exposed: New scam uses fears to steal your information,” posted March 6, 2020.

At first glance, they look like official emails, but if you look closer, you’ll see it’s a scam. New phishing campaigns are using the coronavirus to get people to provide their email addresses and passwords. These phishing emails appear to spoof the Centers for Disease Control and Prevention, but they’re not from the government agency.

Experts like Kaspersky say that with the coronavirus heating up, we should expect to see malicious online campaigns using the epidemic as bait.

SHARE
Previous articleGreedy Gastroenterologist
Next articleGuardian Demon
Larry Benson
Larry Benson is currently the Director of Strategic Alliances for Revenue Discovery and Recovery at LexisNexis Risk Solutions. In this role, Benson is responsible for developing partnerships for the tax and revenue and child support enforcement verticals. He focuses on embedded companies that have a need for third-party analytics to enhance their current offerings.