Coronavirus stimulus payments offer tempting target for cybercriminals

Man with cash

While many industries are struggling to continue during the lockdown, the cybercrime business is gearing up to exploit the economic stimulus and relief payments being offered around the world.

Researchers at Check Point have seen COVID-19 related cyberattacks rise to an average of 14,000 a day this month, which is six times the average number of daily attacks compared to March.

Between April 7 and 14 the average number of daily attacks increased sharply to 20,000, 94 percent of which were phishing.

Since January, a total of 4,305 domains relating to new stimulus/relief packages have been registered globally. While some of these are legitimate, the researchers found that in March a total of 2,081 new domains were registered (with 38 being malicious and 583 suspicious). In the first week of April 473 were registered (18 malicious, 73 suspicious).

There was a major increase in the week of March 16 when the US government proposed its $2 trillion stimulus package to taxpayers. The number of new domains registered that week was 3.5 times higher compared to the average of previous weeks.

"Where there is money, there will be criminal activity. As economic stimulus payments start to flow, cyber-attackers want to get their share too," says Check Point's data team leader, Omer Dembinsky. "These scam websites use the news of the coronavirus (COVID-19) financial incentives, and fears about Coronavirus to try and trick people into using the websites or clicking on links. Users that visit these malicious domains instead of the official Government websites risk having their personal information stolen and exposed, or payment theft and fraud. We strongly urge citizens to beware of lookalike domains and be extra cautious when receiving emails from unknown senders."

You can read more about the findings on the Check Point blog.

Image credit: Vladyslav Trenikhin / Shutterstock

Comments are closed.

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.