Scammers are using fake coronavirus stimulus payment sites to steal your money

Last Updated on by Segun Ayo

Last month, the US Congress passed a historic $2 trillion stimulus package to help Americans fight the devastating economical effects of the coronavirus epidemic. As a part of the program, the government started sending out $1,200 checks to US citizens last week. So far so good.

Unfortunately, cybercriminals are taking advantage of this situation to trick people out of their money in these difficult times. According to a study by cybersecurity company Check Point, attackers are targeting people through stimulus-themed websites and emails for stealing data and money.

[Read: An entrepreneur’s guide to long-term marketing strategies amid COVID-19]

In one of the cases studied by the firm, attackers sent emails to people to steal usernames and passwords through fake login forms.

Example of a stimulus-related phishing attack

From the beginning of the last month, 4,305 stimulus-related domains have been registered. Out of those, 56 were malicious and 656 were suspicious. 

Credit: Check Point
Malicious activity on economic relief and stimulus package

Check Point’s Data Team Leader, Omer Dembinsky, said people should only use authorized government websites to avail financial benefits:

As economic stimulus payments start to flow, cyber-attackers want to get their share too. These scam websites use the news of the coronavirus-related financial incentives, and fears about Coronavirus to try and trick people into using the websites or clicking on links.  Users that visit these malicious domains instead of the official Government websites risk having their personal information stolen and exposed, or payment theft and fraud. We strongly urge citizens to beware of lookalike domains and be extra cautious when receiving emails from unknown senders

The security company also noted that in the past week, coronavirus related attacks have shot up from 14,000 attacks a day on average in March, to 20,000 attacks per day. It added that a whopping 94% of attacks in the past two weeks have been phishing.

The news from Check Point is yet another indicator that cybercriminals will stoop to new lows to target vulnerable people during a pandemic. Last week, Google said that it blocked 18 million malicious emails and 240 million spam emails with a coronavirus angle every day.

Corona coverage

Read our daily coverage on how the tech industry is responding to the coronavirus and subscribe to our weekly newsletter Coronavirus in Context.

For tips and tricks on working remotely, check out our Growth Quarters articles here or follow us on Twitter.