Home Malware Programs Trojans 'Delayed payment confirmation caused by COVID-19' Email Virus

'Delayed payment confirmation caused by COVID-19' Email Virus

Posted: April 24, 2020

Email fraudsters have been very active since the start of the Coronavirus pandemic, and cybersecurity experts have been reporting dozens of email tactics that focus on stealing money from their victims. However, the 'Delayed payment confirmation caused by COVID-19' email virus is a new tactic that aims to do something else – it asks users to download a file attachment, which contains a corrupted piece of code. If the execution of the code is allowed, the harmful document may deploy a copy of the GuLoader Trojan-Downloader on the compromised host. GuLoader may then be used to deliver secondary payloads such as Remote Access Trojans (RATs) banking Trojans or infostealers. Needless to say, the 'Delayed payment confirmation caused by COVID-19' email virus can be very damaging to users who do not keep their system protected by an up-to-date anti-virus software suite.

The sender of the 'Delayed payment confirmation caused by COVID-19' email virus pretends to be part of an accountant team, which informs the recipients of the message that one of their payments had been detained due to the COVID-19 outbreak. The message carries on by saying that the issue was resolved, and the payment has been dispatched successfully – all details about the transaction can supposedly be found in the file attachment 'Payment_SWIFT.doc.'

The latter file is just a decoy, and it does not contain information about a valid financial transaction. Instead, it is packed with the aforementioned corrupted code that aims to install the GuLoader on the compromised system.

If you see a message titled 'Delayed payment confirmation caused by COVID-19' in your inbox, then we advise you to ignore its contents and report the sender's email immediately. You can rest assured that this is not a valid message, and it is part of a fraudulent campaign that is meant to deliver malware to naïve users.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to 'Delayed payment confirmation caused by COVID-19' Email Virus may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.