【】

You didn’t think the U.S. government would send up tp $1,200 to millions of Americans without catching the eye of at least a few scammers and unscrupulous online marketers, did you?

Hundreds of domain names related to the $2 trillion stimulus package have been registered in the past month, according to a new reportby security firm Tessian.

The domain names in question are being used for a variety of purposes. Some are spam and data mining traps. Others appear to lead to educational websites, while still others offer consultancy services or assistance in obtaining your stimulus check or business loan. Of course, this doesn’t necessarily mean they are offering a true no-strings-attached resource.

“Cybercriminals will always follow the money."

“Cybercriminals will always follow the money, and look for ways to take advantage of the fact people will be seeking more information or guidance on this scheme,” said Tessian CEO Tim Sadler in a statement to Mashable.

Shady internet marketers often utilize trending topics for their money-making opportunities. For weeks, Google Trends data has shown that stimulus-related questions and search queries have dominated Google search.

By using these domains, scammers are able to portray their site as an authority on the topic as well as game search engines for better placement on search results pages.

One site checked by Mashable, which included the keywords “stimulus” and “COVID-19” in the URL, attempted to install a browser app upon loading. The single-page website offered nothing more than a few paragraphs of stolen copy and an email list signup form.

Unlike similar scams, such as various tax-related online fraudsthat come around every year, the coronavirus stimulus sites don’t attempt to mimic official government websites.

Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up!

In total, the report uncovered 673 non-governmental, stimulus-related domains that were registered between March 17 and April 13. Exactly how many are nefarious is unclear. Some may be trying to provide actual, helpful services. But others are looking to profit off of the extra cash the government has slid into millions of pockets.

SEE ALSO:The IRS is launching a website to check the status of your stimulus payment

Tessian found that a quarter of all these stimulus-related domains were offering education resources from consultants, lawyers, and other experts. It's unclear how many of these websites are offering legitimate services.

Perhaps most notable were the 10 percent of these newly registered, non-governmental domains providing a “calculator tool” for people to check their stimulus check eligibility. Some of these tools require users to enter personal information such as their salary or address.

Sadler specifically warned users to be cautious around these type of sites.

“Cybercriminals could use the information you shared to craft targeted phishing emails that include the ‘results’ of your assessment, tricking you to click on malicious links with the intention of stealing money, credentials or installing malware onto your device,” he explained.

In addition, the IRS has already set up its own official stimulus check status checker.

Other domains in the report were offering loans to businesses during the pandemic. Some were providing outlets for those looking to donate their stimulus check to COVID-19 causes.

Over the past month, malicious actors have been hard at work, trying to take full advantage of the coronavirus crisis. Scammers have been hawkingfake testing kits and non-existent vaccines on fly-by-night ecommerce stores.

“Always check the URL of the domain and verify the legitimacy of the service."

Late last month, an Instagram meme account with 14 million followers was bannedfrom the service after spreading a coronavirus-related money-making scheme.

Even services tangentially related to the coronavirus pandemic have been the focus of criminals. For example, Zoom, the video conferring platform that has gained popularity during the pandemic, has been targetedby hackers using it to steal people’s personal data.

“Although not every domain registered in the last month may be malicious, it’s possible that these websites offering consulting and business loans could be set up to trick people into sharing money or personal information,” said Sadler. “Always check the URL of the domain and verify the legitimacy of the service by calling them directly before taking action.”

TopicsCybersecurityCOVID-19