The ongoing COVID-19 pandemic continues to yield new subject matter that bad actors can turn into fodder for enticing victims into clicking on malicious links and attachments. On March 27, the CARES Act was signed into law by the President, enacting a wide range of stimulus packages designed to aid Americans and businesses during the crisis. One such measure will authorize a supplemental stimulus check to American citizens.

Along with the general increase in coronavirus and COVID-19-themed attacks, this stimulus package will also be leveraged as a lure to deliver additional attacks to harm the unsuspecting victim into divulging personal information or be subject to financially based exploitation.

Talos has already detected an increase in suspicious stimulus-based domains being registered and we anticipate they will be leveraged to launch malicious campaigns against users.

As noted earlier by Talos, we anticipate existing malicious campaigns to leverage this new material into their attacks. In our previous blog post about COVID-19, we emphasized that enterprises should take precautions to avoid being victimized by these attacks.

Everyone should be aware and expect to see campaigns focused around stimulus checks or other benefits. Stay alert and vigilant.