• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
AskCyber Home » News » scam » First Economic Impact Payment Scam Appears

First Economic Impact Payment Scam Appears

2020-04-08 by Michelle Dvorak

Economic Impact Payment aka Stimulus Payment Scam Impersonates Bank to Steal Banking Credentials and Money

The first Economic Impact Payment scam is making the rounds online. In this scam, hackers impersonate a bank and try to steal account login credentials from victims in order to steal their money. The hackers use email and a spoof website to trick the victim into giving them baking credentials to verify their identity and release the funds. Handing the scammers your banking credentials will only result in losing any money that is in the bank account. This impersonation scam was spotted by cyber security company Abnormal Security.

Although this is the first reported Economic Impact Payment Scam, not doubt it is not the last. The Stimulus payment checks have not even been issued yet. Hacker are just warming up.

COVID 19 Attack_13 Email
Image Credit: Abnormal Security – COVID 19 Attack_13 Email

In this impersonation scam, the hackers are targeting Office 365 users with an email that contains links to a malicious website. The phishing email informs the reader their stimulus payment has been credited but that they must first “verify” their account details because the payment has been put on hold. The email impersonates a major financial institution and contains cloaked links to a spoof website. If the reader clicks on the login link, they are redirected to a malicious website that steals the login information. If the victim enters their bank account login information on the website it is sent to the hackers.

The Economic Stimulus Payments are part of the Coronavirus Aid, Relief, and Economic Security (CARES) Act. The new law supplies $376 billion of much needed relief for individuals and businesses.

Email subject line: Covid 19 Stimulus Payment
Email Body: Prompts reader to verify banking account credentials (see image)

WEBROOT

Economic Stimulus Payments Scams – What You Need to Know

If the target of one of these phishing email follows the link to the hacker’s website and then enters banking credentials , they will compromise their bank account and most likely lose all money it in. Although this email is brief and well written, phishing emails often have misspellings and grammar errors in them.

  • The official name of these $1200 payments to US citizens is Economic Stimulus Payment. Any supposed “official” communications that use names like “Stimulus Checks,” “Stimulus Payment,” “Coronavirus stimulus payment,” or other variations to describe the economic impact payment are not official government communications.
  • The US Treasury will attempt to send your Economic Stimulus Payments via direct deposit. You do NOT need to verify any information with anyone or any bank to receive your money
  • As of today, NO Economic Stimulus Payments have been sent to anyone – either by check or by direct deposit
  • Be highly suspicious of any email, website, telephone call, text message of other that asks you to verify banking credentials or other personal information
  • NEVER click on links in emails from people or businesses you don’t know
  • Do not open or download unsolicited email attachments
  • If the email is from a business you do know or have a relationship with, go to their website and login. Read communications directly from your bank’s website
Abnormal Security - COVID 19 Attack_13 Payload
Image Credit: Abnormal Security – COVID 19 Attack_13 Payload

US Treasury Warns Citizens of Inevitable CARES Scams

Just last week, the U.S. Department of the Treasury and the Internal Revenue Service (IRS) warned citizens that scams attempting to steal Economic Impact Payments were inevitable. Although, none has been reported just a few days, ago, there are several variations making the rounds online. The Coronavirus pandemic has brought out hackers and scammers like gangbusters. Numerous phishing email scams are circulating with malicious email attachments attempting to infect computers with malware. INTERPOL also reports that hackers are increasingly targeting hospitals and large healthcare organization with ransomware attacks.

CARES Act – PPP Loans

Another part of the CARES Act is the $349B Paycheck Protection Program (PPP) Loan. With this part of the stimulus package businesses can take a low interest loan to cover payroll, rent and other business expenses. When used for certain things like payroll, the loan may be converted to a grant. In a National Small Business Town Hall hosted by Inc. Magazine and the U.S. Chamber of Commerce on Friday 03 April, the panelists cautioned that scammers are likely to target small businesses by offering “assistance” getting moeny faster or by filing paperwork on behalf of the owner. Both of which may result in losing more money.

Filed Under: scam

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version