'COVID-19 Stimulus Payment' Email Scam
The 'COVID-19 Stimulus Payment' Email Scam is a new type of phishing attack. The criminals appear to be reaching out to users of various email services. The primary targets appear to be users in the United States of America, but multiple other regions are likely to be the target of this spam as well. Typically, the email comes with the title Receipt Summary. Its body claims that the user's COVID-19 stimulus payment has been completed. Naturally, this will attract the interest of the recipient.
According to the email, the receipt for the payment is attached to the email. Typically, this attachment has a random name such as 'Payment.Receipt/1012124.html.' The HTML file, however, leads users to a fake login page, which asks them to confirm their identity by entering their login credentials. This is the last stage of the scam – all credentials entered there are transferred in plain text to the server of the attackers.
So far, it appears that the 'COVID-19 Stimulus Payment' Email Scam is targeting email credentials exclusively. However, it would not be a surprise if the spam campaign undergoes minor changes to target other types of information as well.
Be vigilant about COVID-19 related content you find online. This subject is being heavily abused by cybercriminals to promote phishing and malware. Your government would not approach you by email to inform you about COVID-19 statistics, vaccines, or stimulus payments. If you encounter the 'COVID-19 Stimulus Payment' Email Scam, you should delete it immediately.