Fake Canada website among many using COVID-19 relief offers to phish for credentials

With governments around the world making billions of dollars available for COVID-19 financial relief, criminals are making every effort to take advantage. That includes building phony official coronavirus relief templates for websites to trick victims into giving up sensitive personal information.

Among the sites discovered by security vendor Proofpoint are the bilingual Government of Canada site pages that attempt to get credentials from victims in either English and French. The news is part of a blog released Friday that also details phishing financial relief pages for the U.S. Internal Revenue Service, the U.K. Revenue and Customs and the official registration site for France.

 

Screenshot by Proofpoint of fake Canada COVID-19 relief page

The goal of the Canadian site is to capture social insurance numbers, which are valuable for creating fake IDs.

“This spoof is noteworthy because while it copies the behaviour of the Canadian government website effectively, it does not match the look and feel of the current Canadian government website,” Proofpoint notes. “The malicious template correctly copies the name of Canada’s revenue ministry in English and French, Canada Revenue Agency and Agence du revenu du Canada respectively. However, the layout, colours, and branding of the malicious template do not match that of the legitimate Canadian government website.”

Fake websites would be created for people doing internet searches for financial relief programs. They would also be the landing pages for links in a mass email and text campaigns previously outlined in our Cyber Security Today podcasts.

Earlier this month the federal government Canadian Centre for Cyber Security said it had taken down over 1,500 COVID-19-themed fraudulent sites or email addresses aimed at Canadians. These included sites spoofing the Public Health Agency of Canada, Canada Revenue Agency, and Canada Border Services Agency.

Proofpoint screenshot of fake UK COVID-19 relief page

Proofpoint says it’s found more than 300 different COVID-19 campaigns since January across nearly every industry it tracks. The creators include well-known, established threat actor groups and unknown individuals.

Creation of Covid-19 phishing landing pages increased sharply in early March, peaking around the beginning of April and then sharply dropping off, says the blog. That plunge probably is caused by a combination of saturation for COVID-19 payment theme phishing templates and a move towards other COVID-19 themes as many one-time payments were disbursed, Proofpoint believes.

“It’s clear threat actors follow trends closely,” the blog adds. “We’ve seen throughout the COVID-19 situation how threat actors have followed the news and adapted their themes to match the unfolding public narrative. The movement by governments in particular to offer financial support has caught the attention of threat actors who have moved not only to target those funds directly but to use them as themes for their malware and credential phishing attacks.”

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now