Our Approach
Your Ultimate Guide to Human Layer Security
Find out why we created this new category nearly two years ago.
Solutions By Use-Case and Industry
CEO’s Guide to Data Protection and Compliance
Everything you need to know about compliance.
Human Layer Security Platform
Human Layer Security Platform Overview
Stops data breaches and security threats caused by employees on email.
Hear what they have to say
Building a Human Layer Security Culture at ARM
Focusing on Security Basics with Game Changing Technology.
Resource Categories
How to Hack a Human Report
Learn how hackers use social media to launch targeted social engineering and business email compromise attacks.
Blog Categories
Read 6 Reasons to Download “How to Hack a Human” Now
Ready? Set? Download.
Securing the human layer
See All Open Roles
Find the fit for you.

Tessian Recognized as a Representative Vendor in 2021 Gartner Market Guide for Data Loss Prevention — Read more.

Request a Demo
Request a Demo of Tessian Today.
Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.
Spear Phishing

Spotting the Stimulus Check Scams

  • 16 April 2020

Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.

Since the US government announced that citizens who make less than $75K would receive $1,200 checks, we have found that there have been 673 newly registered domains related to the $2T stimulus package. 

Unlike the domains spoofing the U.S. Census that we discovered earlier this month, these URLs aren’t intended to mimic official government websites. Rather, these domains have been set up to take advantage of the stimulus package, using common questions or key words to lure users in such as whereismystimuluscheck.com or covid-19-stimulus.com

Where do these new domains go?

When we looked at the newly registered domains more closely, we found that nearly half of the newly registered domains hosted websites offer the following services:

  • Consultancy: helping people with the paperwork to get their checks
  • Calculators: asking users to enter their personal information, such as their age and address, to find out how much money they are entitled to
  • Donations: giving people the opportunity to donate their check to a Covid-19 related cause
  • Business loans

We also found that 7% of these spoofed domains were spam websites, with no clear call to action.

With hackers capitalizing on this global health crisis to launch targeted phishing scams, people need to be mindful of what information they share on these sites. 

The thing is that cybercriminals will always follow the money, looking for ways to take advantage of the fact people will be seeking more information or guidance on the stimulus package. Although not every domain registered in the last month may be malicious, it’s possible that these websites offering consulting and business loans could be set up to trick people into sharing money or personal information. 

Our advice? Always check the URL of the domain and verify the legitimacy of the service by calling them directly before taking action. 

Think twice about sharing your data

It’s also important to consider what data you are being asked to share via websites offering calculators or status checks, and what the websites offer after you have taken an action. Cybercriminals could use the information you shared to craft targeted phishing emails that include the ‘results’ of your assessment, tricking you to click on malicious links with the intention of stealing money, credentials or installing malware onto your device.

Earlier this week, the IRS launched a new online resource for citizens to check on their payment status. We anticipate that even more URLs will crop up as a result of this.

How to avoid potential scams

  • Think twice before sharing personal information to calculator websites. If it doesn’t look right, it probably isn’t 
  • Make sure the educational sites offering consultancy services are legitimate before sharing information or money. Always check the URL and, if you’re still not sure, verify by calling the company directly
  • Never share direct deposit details or your Social Security number on an unfamiliar website
  • Take care when sharing your email address and other personal information on websites like the calculator ones and question the legitimacy of the emails sharing your results before clicking on any links
  • Always use different passwords when setting up new accounts on these websites

 

More Articles

Get Advice on Phishing and Spear Phishing Scams
Related posts
Follow Tessian
Copyright © Tessian Limited. All Rights Reserved. Company registered number 08358482.
[if lte IE 8]
[if lte IE 8]