COVID-19 Phishing Schemes Persist with Google Forms
Category: Threat Actor Activity | Industry: N/A | Level: Strategic | Source: Inky
Threat actors continue to utilize phishing themes associated with the COVID-19 pandemic taking advantage of users. Researchers from INKY observed COVID-19 phishing attacks throughout 2022, however, emails appear to have spiked in September of 2022. Doubling in volume from previous months. The latest phishing emails observed target small business owners seeking financial relief. To harvest credentials from victims, attackers impersonate the United States Small Business Administration (SBA), an agency providing financial support to business owners. Upon receiving an email to apply for a loan, the victim is brought to a Google Forms site where they will disclose personally identifiable information (PII) such as Google account credentials, social security numbers, and bank account information as if they were applying for a loan. The Small Business Administration (SBA) is currently not running any initiatives, thus small businesses should be vigilant to any email communication they will receive and verify only from official government sources. COVID-19 infections will likely rise as the northern hemisphere heads into winter months with colder climates. Threat actors will likely increase email distribution using COVID-19 as the phishing lure.