New Scams for Federal Assistance have now surfaced. If you’re a US citizen, scammers have found a new way to make money with your Federal Assistance. Scammers use the global pandemic as a ‘hook.’ Since the pandemic’s start, several campaigns have designs for scammers to spread misinformation, steal vaccine research, and scam people out of Federal Assistance money.
The new variant on that sees the scammers sending out emails like baited hooks that appear to come from a wide range of US government agencies offering Federal Assistance.
Stripping away the details about the pandemic, these are classic phishing emails that have designs to collect a wealth of personal data that the scammers can use to help identify user names and passwords they will use in credential stuffing attacks later on.
A typical email in this New Scam campaign will claim that the Federal Assitance recipient has an entitlement to thousands of dollars of pandemic relief assistance and provide a link in the email body to “verify your eligibility.”
Naturally, an unsuspecting user clicks the link and it goes to a page that he will need to verify eligibility. It’s a page containing capture boxes. The user enters information such as names, addresses, social security numbers, income information which goes into a growing database maintained by the scammers for use later.
A new variant of the approach for this Federal Assistance to send potential victims a letter informing them that the Government suspends their pandemic relief payments “due to suspicious activity” and include an embedded link. The link will allow them to have payments restarted. Content differences aside, the page at the other end of the link works in the same way as our first example.