Cybercriminals have wasted no time in hopping on the American Rescue Plan – the COVID-19 relief legislation just signed into law – as a lure for email-based scams.
According to researchers at Cofense, a campaign began circulating in March that capitalized on Americans’ interest in the forthcoming $1,400 relief payments and other aid. The emails impersonate the IRS, using the agency’s official logo and a spoofed sender domain of IRS[.]gov – and claim to offer an application for financial assistance. In reality, the emails offer the Dridex banking trojan.
The email says, “It is possible to get aid from the federal government of your choice” and then offers “quotes” for a pie-in-the-sky litany of great (and nonexistent) things – such as a $4,000 check, the ability to “skip the queue for vaccination” and free food.
Related story: US taxpayers targeted in NetWire, Remcos Trojan attack wave