It’s of no secret, that fraudsters have quickly shifted their strategies, in order to exploit the fears related to Coronavirus. Since the declaration of the pandemic by WHO, many organizations have witnessed an increase of more than 6,000% in spams that are Covid related. According to FBI’s recent public service announcement, the IC3 has seen an increase in reports of online extortion scams during the current “stay at home” orders to Covid-19 crisis. FBI also believes, as because large group of population are staying at home and are using computer more than usual, so scammers are using this opportunity to find new victims and pressure them to extort money.
Also, event after multiple years of warnings from the IRS and other law enforcement communities stating that IRS will never email individuals about tax filings, 35 percent of respondents still thinks IRS will communicate over email. The shocking part is more than half of small business owners also thinks that they will receive virus related notifications via e-mail.
Currently attackers are after various sensitive data and credentials, and the worst part is coronavirus related fears are making it easy for the attackers to persuade their victims with promises of money. Nowadays, the pandemic has opened up new avenues for these attackers to capitalize people’s uncertainty and fears and their desire to get more information on Covid-19.
Recently, the federal government have begun to roll out stimulus checks to Americans, which is also a powerful lure. Nearly two thirds of the adults, who have lost their jobs are most likely to engage with an email, that is related to stimulus relief. Also, according to 52 percent of IBM Security’s respondents have said they will click on links or open attachments, that is related to their stimulus check’s eligibility. These emails often include logos that are realistic and spoofed websites. Some of them also mimics American Express email and offers $2400 stimulus relief, but in order to claim it one requires authentication.
Attackers are also targeting personal accounts of US government officials, mostly by promising free and coupons in response to Covid-19. While some were lured to access websites, that are disguised as online ordering platforms. Those who tried to access the websites were asked for their Google account’s credentials. Attackers are also using various avenues to trick those who are working in various national and international health organization.