Abnormal Security: COVID-19 Department of Labor Phishing Attack

Today, Abnormal Security published research on an email attack campaign designed to prey on people struggling due to the pandemic by impersonating the New York Department of Labor offering COVID relief funds in order to steal sensitive personal information. With attention on the new COVID stimulus package agreed upon last weekend, consumers are especially prone to this attack.

In this attack, the attacker impersonates the New York Department of Labor by disguising their identity with the display name “noreply [at] labor [dot] ny [dot] gov” and displaying the New York State logo at the top of the email. However, a closer look reveals the true sender to be naij30 [at] naija9icevibes [dot] com, a Panamanian-registered domain with no association to the New York state government. The attacker claims that the government will administer a $600 relief fund to citizens who fill out the indicated form. If the recipients fall victim to this attack, they release extremely personal information to the scammers. This could ultimately lead to identity theft and other fraud.


For more information, please visit the Abnormal Security blog: https://abnormalsecurity.com/blog/covid-19-department-of-labor-phishing/