Scammers never stop scamming. And this new one is extremely appealing because we all want another government relief check and forget in our haste to beware of con artists.
(Just as an update, the second Congressional relief has not yet been passed. Congress is on hiatus until July 20th and will then hash out further aid to Americans upon their return)
New Scam
But A tricky new phishing email—fraudulently sent from your local government funding agency—is pretending to offer up relief grants to those in need. Don’t fall for this hoax!
Unfortunately, this scam works so effectively because the hackers use a Dropbox link to disguise their malicious attachment. As we all know, Dropbox is a legitimate and commonly-used file sharing service. So, the email security filters that your business has in place to protect itself may not consider the link as a red flag–increasing the chances of this email landing in your inbox.
Dropbox gets through filters
According to Knowbe4, the phishing email urges you to click a Dropbox link so you can download a file that supposedly contains information about your relief grant payment. The link even includes an expiration date for an added sense of urgency. If you click the link, then, download and open the phony file, you’re taken to a look-a-like Microsoft 365 login page. If you enter any information on this page it will be sent directly to the scammers.
Always use caution with attachment emails…AND:
If you need assistance with managed security services contact DarkHound at [email protected]
-Samantha Keller
Sources: https://www.pennlive.com/coronavirus/2020/07/second-stimulus-checks-what-the-next-relief-package-might-look-like.html
Knowbe4
Image Source: https://www.pexels.com/photo/person-in-white-long-sleeve-shirt-holding-clear-bottle-3962516/