FBI Warns of Phishing Attack Targeting People Looking for Unemployment Benefits

The US Federal Bureau of Investigation has issued a warning regarding the rise of fake unemployment benefit websites that aim to collect personal information of any victims who fall prey to this phishing scheme.

Attackers have crafted dedicated websites and messages to trick people into sharing their private information, believing that they are applying for unemployment benefits. While in many phishing campaigns, attackers limit themselves to stealing data, in this one, the criminals also try to install malware, the FBI says.

"Cybercriminals register website domains and email addresses to appear like those which legitimately facilitate the processing of unemployment benefits," said the FBI. "These domains and email addresses often will have misspelled words or will replace "[.]gov" with "[.]xyz." For example, one such domain is "illiform-gov[.]xyz."

"These domains lead victims to malign websites that are usually similar in appearance to legitimate counterparts,” they added. “The fake websites prompt victims to enter sensitive personal and financial information. Cyber actors use this information to redirect unemployment benefits, harvest user credentials, collect personally identifiable information, and infect victim's devices with malware.”

Besides losing precious data to criminals, the victims of this attack risk other severe consequences as well, including ransomware infection and identity theft.

The FBI identified 385 domains hosted by the same IP address, at 75[.]119[.]133[.]61, including many that are still online. Users are advised to follow a few simple rules to avoid falling victim:

• Verify the spelling of web addresses, websites, and email addresses to identify imitations.
• Look for a padlock icon next to the URL in the address bar to verify that the website you visit has a Secure Sockets Layer (SSL) certificate.
• Ensure operating systems and applications are updated to the most current versions.
• Update anti-malware and anti-virus software and conduct regular network scans.
• Disable or remove unneeded software applications.
• Use strong two-factor authentication if possible, via biometrics, hardware tokens, or authentication apps.
• Do not open emails, attachments, or links from unknown individuals.
• Do not communicate with unsolicited text message/email senders by verifying the email header information.