The American Rescue Act is the latest zeitgeisty lure being circulated in an email campaign.
Cybercriminals have wasted no time in hopping on the American Rescue Plan – the COVID-19 relief legislation just signed into law – as a lure for email-based scams.
According to researchers at Cofense, a campaign began circulating in March that capitalized on Americans’ interest in the forthcoming $1,400 relief payments and other aid. The emails impersonate the IRS, using the agency’s official logo and a spoofed sender domain of IRS[.]gov – and claim to offer an application for financial assistance. In reality, the emails offer the Dridex banking trojan.