Free Fast Food and Coupons Latest Virus-Related Hacker Scam

Hackers have been having a field day exploiting the coronavirus, sending phony emails with malicious links purporting to be from health agencies or other trusted sources.

In one recent cyber scam, state-backed hackers posed as American fast-food franchises, according to researchers at Alphabet Inc.’s Google. The attackers targeted U.S. government officials with coronavirus-themed phishing emails.

The emails “offered free meals and coupons” or “suggested recipients visit sites disguised as online ordering and delivery options,” Google said in a blog post on Wednesday. They sought to trick users into turning over their account credentials and were sent to the personal Gmail accounts of the officials.

There is no evidence that accounts were compromised, the report said, but victims received a “government-backed hacker” warning from Google.

The phishing campaign is part of a broader trend with “over a dozen government-backed attacker groups” utilizing the virus as a lure for phishing emails and malware attacks, according to Google. The company also found hacking groups linked to Iran and “a South American actor” — which created a phony World Health Organization domain and login page for use in phishing emails — that targeted health-care groups.

“These findings show that health organizations, public health agencies and the individuals who work there are becoming new targets as a result of Covid-19,” Google said in the post. “Hackers frequently look at crises as an opportunity, and Covid-19 is no different.”

As an example, Google said in an April 16 blog that during the previous week, it had seen 18 million daily malware and phishing emails related to Covid-19, in addition to more than 240 million Covid-related daily spam messages. Gmail blocks more than 100 million phishing emails a day, the company said.