Threat actors are using social media to engage in money-flipping scams abusing the novel coronavirus. The two examples below demonstrate how they are doing it.
We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic.
The first example uses Facebook to target users who belong to specific financial institutions. The scammer uses a stimulus reference and the slang term Da Rona to indicate that the giveaway is to help those economically impacted by the pandemic.
We can only speculate if the intent of the scammer is to steal bank account information or to bring negative attention to the specified banks.
The second example increases visibility to the threat actor's desired audience by using coronavirus hashtags: #COVID19, #Coronavirus, and #COVID19Pandemic
The offer preys on financially vulnerable individuals by promising cash through a mobile payment app if they like or retweet the post. Similar to the first screenshot, we can only assume the intent of the scammer; however, in many of these situations, the recipient is required to pay money upfront for false reasons such as verification of funds or, to have their cash flipped into a much larger amount. When they comply, the victim usually loses touch with the scammer, as well as their money.
Money flipping scams or, the idea that if you give someone cash, they will be able to double or triple the amount, isn't a new phenomenon. Recently though, legitimate giveaways hosted on popular social media sites like Facebook and Twitter have made claims of free money all the more enticing, leaving individuals who are economically impacted by the pandemic even more vulnerable.
For more intelligence on COVID-19 threats, see our ongoing coverage.
Additional Resources:
