This article was published on April 20, 2020

Scammers are using fake coronavirus stimulus payment sites to steal your money


Scammers are using fake coronavirus stimulus payment sites to steal your money Image by: Blue Diamond gallery

Last month, the US Congress passed a historic $2 trillion stimulus package to help Americans fight the devastating economical effects of the coronavirus epidemic. As a part of the program, the government started sending out $1,200 checks to US citizens last week. So far so good.

Unfortunately, cybercriminals are taking advantage of this situation to trick people out of their money in these difficult times. According to a study by cybersecurity company Check Point, attackers are targeting people through stimulus-themed websites and emails for stealing data and money.

[Read: An entrepreneur’s guide to long-term marketing strategies amid COVID-19]

In one of the cases studied by the firm, attackers sent emails to people to steal usernames and passwords through fake login forms.

Example of a stimulus-related phishing attack

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

From the beginning of the last month, 4,305 stimulus-related domains have been registered. Out of those, 56 were malicious and 656 were suspicious. 

Credit: Check Point
Malicious activity on economic relief and stimulus package

Check Point’s Data Team Leader, Omer Dembinsky, said people should only use authorized government websites to avail financial benefits:

As economic stimulus payments start to flow, cyber-attackers want to get their share too. These scam websites use the news of the coronavirus-related financial incentives, and fears about Coronavirus to try and trick people into using the websites or clicking on links.  Users that visit these malicious domains instead of the official Government websites risk having their personal information stolen and exposed, or payment theft and fraud. We strongly urge citizens to beware of lookalike domains and be extra cautious when receiving emails from unknown senders

The security company also noted that in the past week, coronavirus related attacks have shot up from 14,000 attacks a day on average in March, to 20,000 attacks per day. It added that a whopping 94% of attacks in the past two weeks have been phishing.

The news from Check Point is yet another indicator that cybercriminals will stoop to new lows to target vulnerable people during a pandemic. Last week, Google said that it blocked 18 million malicious emails and 240 million spam emails with a coronavirus angle every day.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with