How cyber hacks have been targeting stimulus checks and pPP funds in the uSA
The United States of America is one of the hardest struck country, Covid 19. Like it caused havoc around the world, it also destroyed small businesses and caused mass unemployment all over America. Numerous countries offered a relief program, and soc did the USA.
Donald Trump signed the Coronavirus Aid, Relief, and Economic Security Act, or CARES Act, into law and offered the most extensive emergency relief bill of $2 Trillion. This stimulus package is the largest in American history. The package gave $1200 to citizens that met the criteria.
Small business owners were also affected by Covid. The SBA offered these small owners payment protection payments loans. The loans allowed business owners to pay their employees during the crisis.
It all looks convenient and helpful, but there are always hackers where the money is involved. Data shows a significant spike in hackers targeting stimulus checks and even PPP funds.
Criminals used a method called phishing to carry out more than 94% of stimulus check and PPP fund related attacks all over the USA. Let's try to understand this better.
What is Phishing:
Phishing is when a criminal sends you a malicious email containing famous logos and names, disguised with trustworthy text, from similar-sounding email names, to trick you into giving your personal and confidential information to them. The email appears legit, which is why many people fall for this scam.
How they carry out the scam:
The subject contains keywords like "UN Covid 19 Stimulus", "Covid Relief Package," Covid-19 Payment", etc. This catches the attention of victims, and they are forced to open the email.
The same applies to PPP funds. They also contain keywords like "PPP Fund Approval," "Get your PPP Loan," "Apply for PPP Loan," etc. The key takeaway is that It forces victims to open the email.
After opening the email, they find a very neatly typed proposition. They include all the essential words and relevant images, which convinces victims that the email is legit.
Next, the victims are instructed to click on a fraudulent link. This link is also tweaked to seem legit. The link takes them to a fraudulent website where they have to enter confidential data.
From the victim's viewpoint, this website is legit, so they happily give whatever it asks.
In the case of stimulus fraud, the victims are required to enter sensitive financial information.
In the case of PPP fraud, the victims are asked to enter their sensitive business information, social security number, bank account numbers, and even your bank balance.
Result of the attacks:
The number of cyberattacks rose by six times when the stimulus package was announced. A study shows that about 14,000 coronavirus stimulus-related attacks were carried out each day compared to before the stimulus was announced.
Staying updated with the latest trends is vital. You must always get information from official websites such as cba.gov/coronavirus. Read the email address carefully before opening it. If the email contains some numbers, it's probably fake.
I’m Tobi Onyekweli, the founder of Kweli Solutions. We are an IT training firm that specializes in providing quality training and appropriate career guides in areas such as Cloud, Database, Cybersecurity, and Software Engineering. Our style and pattern can be compared to none in the industry we gladly represent. We are the leading firm in IT, and we have successfully introduced innovative ways of teaching IT courses. We will be glad to help you find your feet in your chosen career path.