COVID-19 Phishing Update: Money-Flipping Schemes Promise Coronavirus Cash

Threat actors are using social media to engage in money-flipping scams abusing the novel coronavirus. The two examples below demonstrate how they are doing it.

We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic.

FB Social Lure Da Rona

The first example uses Facebook to target users who belong to specific financial institutions. The scammer uses a stimulus reference and the slang term Da Rona to indicate that the giveaway is to help those economically impacted by the pandemic. 

We can only speculate if the intent of the scammer is to steal bank account information or to bring negative attention to the specified banks. 

twitter cash app scam

The second example increases visibility to the threat actor’s desired audience by using coronavirus hashtags: #COVID19, #Coronavirus, and #COVID19Pandemic 

The offer preys on financially vulnerable individuals by promising cash through a mobile payment app if they like or retweet the post. Similar to the first screenshot, we can only assume the intent of the scammer; however, in many of these situations, the recipient is required to pay money upfront for false reasons such as verification of funds or, to have their cash flipped into a much larger amount. When they comply, the victim usually loses touch with the scammer, as well as their money.

Money flipping scams or, the idea that if you give someone cash, they will be able to double or triple the amount, isn’t a new phenomenon. Recently though, legitimate giveaways hosted on popular social media sites like Facebook and Twitter have made claims of free money all the more enticing, leaving individuals who are economically impacted by the pandemic even more vulnerable.   

For more intelligence on COVID-19 threats, see our ongoing coverage.

*** This is a Security Bloggers Network syndicated blog from The PhishLabs Blog authored by Jessica Ellis. Read the original post at: