MOM warns of phishing campaign using fake e-mail address with Covid-19 support fund as bait

The Ministry of Manpower said it had received information that the campaign will be targeting businesses. PHOTO: ST FILE
Hariz Baharudin
Indonesia Correspondent
Updated
Jun 19, 2020, 07:13 PM
Published
Jun 19, 2020, 06:10 PM

SINGAPORE - A potential phishing campaign designed to steal personal data and financial information of individuals and companies is being planned by hackers using a fake Ministry of Manpower (MOM) e-mail address, warned the ministry on Friday (June 19).

In a Facebook post, MOM said hackers are planning to use the e-mail to trick people, using the Covid-19 support fund as bait to get them to share such private data.

"The hackers plan to use a spoofed MOM e-mail address (covid-support[@]mom[.]gov[.]sg) and using the Covid-19 support fund as a lure to get recipients to click on the embedded phishing link," said the ministry in its post, which was later shared by the Government Technology Agency (GovTech).

"These phishing e-mails are designed to drive recipients to fake websites where they will be deceived into divulging personal and financial information," the MOM said.

Phishing attacks are when hackers pass themselves off as someone the victims would trust to trick them into giving up their data, user names, log-in details or other information.

The MOM said it had received information that the campaign will be targeting businesses, and reminded the public to use only the official ministry website for all information and transactions on the ministry's matters.

In a report about the phishing campaign, cybersecurity firm Cyfirma, based in Singapore and in Tokyo, said that the hackers claim to have 8,000 business contact details and will target businesses with a phishing e-mail on June 21.

Recipients will then be directed to fake websites, where they will be tricked into divulging personal and financial information, Cyfirma said.

The firm conducted an online threat assessment in the first half of this month and found that the prominent hacker group Lazarus Group was planning a global attack that involved this phishing campaign.

The global attack is said to target more than five million people and businesses in six countries that have announced financial support measures for their citizens in light of the Covid-19 pandemic. They are Singapore, Japan, South Korea, India, the United States, and Britain.

More On This Topic
Covid-19 crimes: How some are adapting and finding new ways to scam, cheat and profit

This is the second time this week that the MOM warned of phishing schemes involving hackers pretending to be from the ministry.

On Tuesday, it uploaded a post on Facebook warning of online sites that have been passing themselves off as the ministry's official website and which were designed to steal information from victims.

Related Stories
What you need to know about S'pore's new Covid-19 vaccination strategy
Asia stepping up fight against more infectious Covid-19 variants
Hong Kong cements Covid-19 tests with centres just a 15-minute walk
Covid-19 wave looms in Europe amid vaccine fatigue and false sense of security
Long Covid remains a mystery, though theories are emerging
askST: What is excess death and what is Covid-19's true toll on the world?
Biden says pandemic is over; survivors and doctors disagree
No plans to include Covid-19 vaccinations in childhood immunisation schedule: Ong Ye Kung
Human development set back 5 years by Covid-19, other crises: UN report
Covid-19's harmful effects on the brain reverberate years later: Study

Join ST's WhatsApp Channel and get the latest news and must-reads.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top