The United States government has issued an official alert stating that scammers are taking advantage of the benefits offered during the new coronavirus pandemic. The recommendations apply not only to citizens, but also to the government bodies and civil servants involved in the payment of these requests.
The statement has the signature of four bodies: Agency for Cybersecurity and Infrastructure Security (CISA), Secret Service, Treasury and Revenue (IRS).
Fraud involving government aid payments has been reported in several countries, including Brazil. The Federal Police has already arrested suspects of involvement in improper withdrawals that would have been carried out by cloning beneficiaries' cards.
The United States Congress passed in March the Cares law, providing for an economic stimulus of $ 2 trillion (about R $ 11 trillion), which includes lines of credit and direct payments, called "Payment of the Economic Impact of Covid-19 ".
The US Revenue Service had already issued an alert in April about possible scams involving aid payments. In the United States, these payments were made by bank deposit in the same account reported in the income tax or by sending checks.
The authorities feared that scammers would try to obtain the signature of the beneficiaries to steal the checks. Another possibility was the theft of personal information, allowing the benefit to be requested by the criminal himself – which was also registered in Brazil.
- LEARN MORE: Bonner reports that his son's data was used to defraud aid
In Brazil, the Emergency Aid Consultation allows you to check the progress of aid requests. The website can also inform you if there were any requests for assistance on behalf of a specific CPF, allowing anyone to see if there was any misuse of the data for this purpose.
Microsoft warns of new wave of attacks
Microsoft also issued an alert this week about a new wave of malicious emails with the Covid-19 theme. The messages try to convince the recipients to open a file that arrives attached to the email. The alert was posted on Twitter, on the Microsoft security team profile.
The file, which is in Excel format, claims to have data related to the spread of the coronavirus. The email uses a counterfeit sender to impersonate a statement from Johns Hopkins University, which has been a reference in such data.
Despite attacking the computer in the same way, email attachments differ from each other. This technique can evade security programs that would detect a large volume of identical attachments or identify the malicious file already known.
The emails purport to come from Johns Hopkins Center bearing "WHO COVID-19 SITUATION REPORT". The Excel files open w / security warning & show a graph of supposed coronavirus cases in the US. If allowed to run, the malicious Excel 4.0 macro downloads & runs NetSupport Manager RAT. pic.twitter.com/gXbxZOGpZf
When opened, the Excel file asks the victim to authorize the execution of macros. If the victim follows this instruction, code will be executed to install remote control software. By controlling the system, hackers can steal data, monitor computer usage or break into other equipment on the same network.
Questions about security, hackers and viruses? Send to firstname.lastname@example.org