The IRS, DHS’ Cybersecurity and Infrastructure Security Agency (CISA) and the Department of the Treasury issued a joint advisory to raise awareness of the threat of phishing and other cyberattacks associated with the Coronavirus Aid, Relief, and Economic Security (CARES) Act.
The CARES Act makes $2 trillion in funding available to help businesses and people negatively impacted by the COVID-19 pandemic, easing the financial burden through economic impact payments to eligible Americans. Cybercriminals are using CARES Act payments as bait in phishing attacks to obtain personal and financial data and to attempt to redirect CARES Act payments. All U.S. citizens are advised to look out for scams associated with the CARES Act and COVID-19.
The U.S. Government reports that many cybercriminal groups are using stimulus-themed lures in phishing emails and SMS messages to obtain sensitive data such as bank account details. Financial institutions were asked to remind their customers to follow good cybersecurity practices and to check for suspicious account use and creation.
Criminals are using CARES Act-themed email messages and websites to obtain sensitive data, spread malware, and gain access to computer networks. The lures cover topics such as loan and grant programs, personal checks, economic stimulus, or other topics related to the CARES Act. These CARES Act-related cybercriminal campaigns could support a broad range of follow-on activities that could harm the implementation of the CARES Act.
Threat actors might try to interrupt the operations of agencies responsible for implementing the CARES Act, for example by using ransomware to disrupt the flow of CARES Act funds and to extort money from victims. Federal, state, local and tribal organizations are being told to review their loan processing, payment and banking systems and to strengthen security to prevent attacks.
Overseas threat actors were found to be filing fake claims for COVID-19 relief money, including one Nigerian business email compromise (BEC) group identified as having submitted over 200 fake claims for CARES Act payments and unemployment benefits. The group, called Scattered Canary, has been filing several claims via state unemployment sites to obtain payments using information stolen in W-2 phishing attacks. The group has submitted a minimum of 174 fraudulent claims with Washington state and over 12 claims with the state of Massachusetts. Around 8 states have been targeted so far.
The U.S. Government has been sharing threat intelligence and cybersecurity practices to help disrupt and prevent criminal activity. The U.S. Secret Service is currently focused on investigative operations to identify people taking advantage of the crisis, make sure they face justice, and recover money lost to fraud.
The IRS has told taxpayers that it will not initiate contact with them by email, SMS, or social media to request personal and financial data, including bank account numbers, PINs and credit card data. The IRS has cautioned Americans that copycat websites could be created to obtain sensitive data, and has advised them to carefully check any domain for transposed letters or mismatched SSL certificates. The IRS uses only www.irs.gov and the IRS-run webpage, https://www.freefilefillableforms.com/.
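The transposed-letter check described above can be automated for mail or proxy filtering. The following is an added example, not part of the advisory: it compares a URL's host against the two official domains named above, and the function names, thresholds and sample URLs are assumptions constructed for illustration. It covers the domain check only, not certificate validation.

```python
from urllib.parse import urlsplit

# The two official hosts named in the paragraph above.
OFFICIAL = ("irs.gov", "freefilefillableforms.com")

def osa_distance(a, b):
    """Edit distance where swapping two adjacent letters counts as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposed letters
    return d[len(a)][len(b)]

def classify(url):
    """Return 'official', 'lookalike' or 'unrelated' for the host in url."""
    if "//" not in url:
        url = "//" + url  # let urlsplit treat a bare host as the network location
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if any(host == good or host.endswith("." + good) for good in OFFICIAL):
        return "official"
    # Assumption: the last two labels are the registered domain (ignores suffixes like co.uk).
    candidate = ".".join(host.split(".")[-2:])
    for good in OFFICIAL:
        limit = 1 if len(good) < 10 else 2  # short names get a tighter threshold
        if host.startswith(good + "."):  # official name used as a subdomain prefix
            return "lookalike"
        if candidate.split(".")[0] == good.split(".")[0]:  # same name, different TLD
            return "lookalike"
        if osa_distance(candidate, good) <= limit:
            return "lookalike"
    return "unrelated"

# Constructed sample URLs, not taken from the advisory.
SAMPLES = [
    "https://www.irs.gov/coronavirus",
    "http://isr.gov/payment",
    "https://freefilefilableforms.com/",
    "https://irs.gov.stimulus-claim.example/login",
    "https://www.example.org/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify(sample):10} {sample}")
```

A "lookalike" result is a reason to block or review the link, while "unrelated" only means the host does not imitate these two names.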
All people in America were advised to be wary, to monitor their financial accounts for signs of fraudulent activity, and to report phishing attacks and other fraud to the proper authorities. They should also inform their employer if they think they have fallen victim to a scam and disclosed sensitive data about their company.
The advisory, Avoid Scams Related To Economic Payments, COVID-19, is available on this page.