COVID-19 Scams Targeting Beneficiaries

Free Passes to Netflix

Apparently there are people attempting to capitalize on current social distancing recommendations and self-isolation orders by spreading around fake offers of free Netflix subscriptions. As you can see in the image shared above, the link did not lead users to the legitimate Netflix domain “netflix.com.” Instead, it pointed them to a lookalike site hosted at “netflix-usa[dot]net.” The site asked visitors to answer some questions about how they were handling the global pandemic. It then asked them to share the site with 10 of their friends. Bitdefender reasoned that the site did this for the purpose of tricking even more individuals to sharing their information with attackers.

Promoting Safety Masks

The app immediately demanded the right to read contacts and send SMS messages once it had finished loading on a device. It then asked the user to click on a button that supposedly redirected them to a portal where they could enter their information for the purpose of procuring a mask. Nothing happened once they clicked the button, but it’s possible that after further development, the portal could ask users to “pay” for a mask by entering their credit card information. With that being said, the app did leverage its “read contacts” permissions to collect all of the ‘victims’ contacts and send out SMS messages that spread the scam even further.

Census Forms

The message advising individuals that they would not receive their COVID-19 stimulus check from the U.S. government unless they completed their census form is another scam. Why? The census has nothing to do with the stimulus package. No doubt malicious attackers are using compromised Facebook accounts to try to trick people into providing their personal and/or financial information.

Stay up to date with other scams targeting your clients by following Agent Pipeline on social media.