Scammers target job loss fears with 'you're fired' e-mail, report warns
Online scammers across the globe are capitalising on fears of job and income losses during the Covid-19 lockdown, a new spam and phishing report has revealed.
The scammers, according to Kaspersky’s spam and phishing report for Q2 2020, use phishing mails, fake websites and social media to extract personal information, spread “malicious” software or defraud unsuspecting victims.
One of the techniques they use is to pose as human resources employees to send e-mails informing recipients that they had lost their jobs.
“The e-mails contain malicious attachments that purport to be receipts for two months’ salary. The employee was informed that the company had been forced to discharge them due to the pandemic-induced recession,” said the report.
The dismissal on the e-mail, Kaspersky said, "followed the book" as the attachment, according to the author of the e-mail, contained a request form for two months’ salary. The victim, however, only found malware attached.
“Banking phishing attacks also took advantage of people’s economic woes by sending e-mails purporting to offer various pandemic-related discounts and bonuses, directing them to links that gave attackers access to the victim’s computer or personal information.”
According to the report, in SA, scammers have targeted people who were hoping for financial relief during the lockdown.
“Local banks warned customers of phishing scams claiming their UIF funds had been approved, referring them to an attachment, and fake e-mails from the government claiming recipients had to insert their banking details on a link to access free funding.
“The department of labour also cautioned the public about a scam on social media promising people a payout of R30,000, using a spoofed departmental website asking people to check if their names appeared on a list of those entitled to funds.
“The disruptions wrought by lockdowns around the world presented a wealth of opportunities for scammers who took advantage of newly remote work environments and supply chain interruptions to target victims.”
The report also noted a spike in voice phishing scams at the end of the quarter if the year.
“These scammers sent e-mails posing as Microsoft directing recipients to call the Microsoft support team at the phone number supplied in the e-mail,” it said.
“The share of voice phishing in e-mail traffic rose noticeably at the end of Q2 2020.”
Scammers also took advantage of global shipping complications by sending fake notices of delivery delays, the report added.
“Other scams mailed targets claiming their packages could not be dispatched due to restrictions on certain types of goods, directing them to an attached archive which opened remote access to the victim’s computer.”