Through powersolution’s membership of the Cyber Health Working Group (CHWG)*, a new phishing campaign has been detected and reported on. This phishing campaign is designed around COVID-19 themed emails that contain a link to a phishing page that attempts to collect credentials for multiple banks. The attackers then use the information collected to extort funds from the victims.

An example of the phishing email follows:

COVID-19 fraud email screenshot

If the link is clicked, it redirects to the following website:

COVID-19 fraud screenshot

Email header analysis shows that the emails are being sent from a server in Poland (.pl), sent from an email ending in a Russian (.ru) domain.

Received: from cromptonqatarcom.comercialsommecom ( [])
Wed, 22 Apr 2020 12:18:15 +0000
From: Federal Reserve System <[email protected].ru>
Subject: Receive payment.
Date: Wed, 22 Apr 2020 12:18:12 +0000


Phishing is dangerous, and can lead to having your data compromised.

Please be vigilant when opening emails and clicking links.

Always think twice about entering any credentials or information on a website, especially sensitive information such as email credentials, bank account information, or any personal information. Attack groups typically use current events to make the emails seem more real, as in this case with the email referencing COVID-19.

*The CHWG is a community of IT professionals in the health sector who share real-time tactical information about threats, trends, and best practices. The Cyber Health Working Group maintains a web-based platform which provides tools for its members to share cyber threat information and resources. It also hosts webinars focused on a specific cyber threat, training topic, best practice, or threat mitigation solution in the health sector. The CHWG was originally created by the National Capital Region chapter of InfraGard (InfraGard NCR) and the Cyber Task Force (CTF) at the FBI’s Washington Field Office, in partnership with the InfraGard National Members Alliance (INMA). The CHWG is currently managed and operated by the National Cyber-Forensics & Training Alliance (NCFTA) and the Executive Partnership for Integrated Collaboration (EPIC), and also hosted by EPIC.

Please, note — has measures in place to help protect our clients against rogue threats such as the malicious COVID-19 warning. 

How is your state of IT?

Call Us: (201) 493-1414
Our Awards:
IT Support NJ - Reputable highly rated Small Business IT services and tech support company in New Jersey - powersolution industry awards
IT support NJ - Reputable highly rated Small Business IT services and tech support company in New Jersey - powersolution IT industry awards
Scroll to Top