Bondgate IT White Logo

Phishing attacks continue to exploit COVID-19 to target businesses

Since the start of the coronavirus pandemic, cyber criminals have exploited individuals and businesses into revealing sensitive information. A recent phishing campaign has been spotted across in the USA that attempts to steal financial account details from business users.…
Phishing attacks continue to exploit COVID-19 to target businesses (1)

The use of phishing emails claiming to offer a COVID-19 grants has risen rapidly in September 2022.

Number of COVID-19 phishing emails in 2022

Since the start of the coronavirus pandemic, cyber criminals have exploited individuals and businesses into revealing sensitive information. A recent phishing campaign has been spotted across in the USA that attempts to steal financial account details from business users.

How does this phishing attempt work?

In the latest reported phishing attack, users receive an email that claims to contain a COVID-19 grant application. This idea began in 2020, as small businesses that were suffering financial difficulties due to the pandemic applied for loans and grants from the SBA.

Promising grant money to all businesses and organisations, with no need to pay it back, the phishing email includes an “Apply Now” button that takes users to a survey form that must be filled out to determine if they’re eligible for the grant.

US Small business grant application - phishing email.
COVID-19 Phishing Email

How to stay safe

A common rule of thumb in recognizing phishing threats is to look for grammatical, style, and usage errors. While this bad actor did a passable job, there are still inconsistencies that serve as a good reminder to take a closer look at suspicious emails – especially those that seem too good to be true. In this case:

Email

  • Family’s should be plural
  • Corona-virus is not a commonly acceptable usage
  • “is offering designated states” is not grammatically correct
  • Words are omitted in sentences throughout
  • Repetitive, urgent language encouraging you to apply seems rather salesy
  • The use of all caps in GRANT MONEY feels and looks unprofessional

Stay safe from phishing emails with SLAM


One of the mnemonic devices known to help people remember information is the use of an acronym. SLAM is an acronym for four key areas of an email message to check before trusting it.

These are:

S = Sender
L = Links
A = Attachments
M = Message text

By giving people the term “SLAM” to use, it’s quicker for them to check suspicious emails. This device helps them avoid missing something important. All they need to do use the cues in the acronym.

Speak to our team today on how we can help your users stay safe with email

Facebook
Twitter
LinkedIn
WhatsApp
Email
Print

Contact Us

Bondgate IT Services Ltd,
Newham House,
Dudley Rd,
Darlington,
DL1 4GG

  • © Copyright 2024
  • BONDGATE IT SERVICES LTD

Enterprise Solutions

Social Media

Facebook X-twitter Linkedin

Remote Support

Click on the link below to access our customer support portal.

Get Remote Support