Malicious Actors Aim to Steal Banking Information via a “COVID-19 Relief Fund” Scam Email Campaign

The COVID-19 pandemic has turned into the perfect weapon in the hands of cyber criminals. Due to the rapid spread of the Coronavirus, people have become eager to receive the latest information surrounding the virus and how it affects people worldwide. Hackers exploit this vulnerability and develop scam email campaigns, aiming to infect as many users as possible and obtain their private data.

What Is the “COVID-19 Relief Fund” Phishing Scam Email

The “COVID-19 Relief Fund” email is an example of the phishing schemes that hackers are using during the pandemic to get their hands on the victims' bank account information and more. The email's subject is “Hello” and claims to be sent from The Asia Foundation. The message states that the recipient has been randomly chosen as one of the beneficiaries of the “COVID-19 Relief Fund”, and that they are to receive the sum of $155,000. However, in order to claim this fund, the unsuspecting victim has to send their name, occupation, location, and contact number. They also have to do that within a week, or else it will be passed on to another person.

What's interesting about this particular spam campaign is that it appears to be targeted towards business owners. Cyber criminals are trying to lure them with the false promise of monetary aid so that the business can cope with financial losses during the Coronavirus pandemic.

The email reads as follows:

"This is to inform you that you have been randomly selected as one
of the beneficiaries of The Bill and Melinda Gates Foundation's
"COVID-19 Relief Fund", in collaboration with The Asia
Foundation; which was setup to help business owners and
individuals during and after the corona virus pandemic.

You are to receive the sum of $155,000 USD (One Hundred and Fifty
Five Thousand USD).

The Bill and Melinda Gates Foundation has committed substantial
resources to ensure that the after effects of this pandemic on
businesses and jobs are reduced to the barest minimum. They have
decided to partner with The Asia Foundation so as to reach
beneficiaries as far as Asia.

To claim this fund, kindly send the following details to this
email ( covid19.asiafoundation@citromail.hu ) address only:

Name:
Occupation:
Location:
Contact Number:

You have just 1 week to claim this offer or your slot will be
passed on to another person.

Regards,
Sunder Ramaswamy
Chairman, The Asia Foundation"

This email is a phishing scam designed to steal your banking information. After sending the required information, the scammers will then request even more sensitive data like credit card details and bank account credentials, which will most likely be used to transfer more money to themselves. What's more, other fees may be imposed during the supposed Relief Fund transaction. If the victim chooses to trust this email and willingly send their private information, it will most likely result in a serious privacy breach, financial losses, and identity theft.

What to Do to Protect Yourself From Coronavirus-Related Scams

When it comes to COVID-19 threats, there are a few email models that hackers use to lure their victims. The most common Coronavirus-related scams revolve around one or more of the following topics:

  • Medical supplies
  • COVID-19 vaccines and treatment
  • Financial support for businesses
  • Fake charity donations and stimulus checks
  • Investment scams about Coronavirus-related products and services
  • Shady domains named after the virus

Being able to tell the difference between the fake COVID-19 services and the real ones is crucial. People shouldn't rush to buy everything that claims to be 'essential' during the pandemic, especially if such an offer was sent via email. Consumers should also be mindful when purchasing supplies online, as many fraudulent supply channels take the money out of your pocket and never deliver the promised products. Another popular scam is about financial relief plans, where scammers are lying to consumers that they need to pay a fee to receive financial support, most commonly about their student loans. As far as donations are concerned, there are some scams soliciting donations for specific individuals, groups, or areas that have been significantly affected by the COVID-19 strain. In reality, most of these charities are fake. In some cases, the scammers will be impersonating real global organizations to appear more trustworthy.

The majority of the Coronavirus-related scams are designed to trick recipients into downloading malicious software or sharing personal data and banking credentials. Upon receiving emails that claim to be from national or global authorities, make sure to compare the sender's email with the official address of the organization they claim to be. Everyone can state they are someone else in an email, but the email address itself is not something one can change. By checking the sender's address, you'll be able to determine if this email is fraudulent. Sadly, users are known to click on things without giving it a second thought.

During these difficult times, one should not be too careless when clicking everything with 'Coronavirus' or 'COVID-19' in the name. Hackers exploit this vulnerability by using scare tactics and writing eye-catching subjects that demand the unsuspecting victim's immediate attention. In most cases, making such a mistake leads to people falling victim to a scam or unknowingly installing malware on their computers.

June 22, 2020

Leave a Reply