The FBI’s Internet Crime Complaint Center (IC3) has issued a public service announcement warning citizens to watch out for email-based fraud and malware schemes that take advantage of the coronavirus pandemic.
Among the scams to look out for are emails purporting to contain helpful information from the Centers for Disease Control and Prevention (CDC) and other medical sources, and phishing emails that ask recipients to provide their personal information in order to supposedly receive an economic stimulus check.
“While talk of economic stimulus checks has been in the news cycle, government agencies are not sending unsolicited emails seeking your private information in order to send you money,” states the announcement, which also says to look out for phishing schemes related to charitable contributions, financial relief, airline refunds, and fake vaccines, cures and testing kits.
Case in point: the actors behind the Netwalker/Mailto ransomware have recently launched a phishing campaign with coronavirus-themed content as part of a ruse to lure in and infect victims, according to a new report in BleepingComputer, citing the MalwareHunterTeam.
Reportedly, the malicious encryption campaign leverages the attachment “CORONAVIRUS_COVID-19.vbs,” which contains an embedded executable, along with obfuscated for extraction and launch. Victims receive a TXT file ransom note that includes instructions for paying on a Tor site.
The Toll Group and the Champaign Urbana Public Health District (CHUPD) in Illinois are two recent, prominent victims of Netwalker.
Emails attempting to sell counterfeit goods and medical supplies are another problem, the IC3 warned as well.