Phishing scammers have started to impersonate President Trump and Vice President Mike Pence in emails that distribute malware or perform extortion scams.

In phishing emails discovered by email security firm Inky, threat actors try to impersonate the White House who is sending out Coronavirus guidelines on behalf of President Trump.

These emails state they are the latest "Coronavirus Guidelines for America" and prompt the recipient to click on a link to download a document.

When the user clicks on the link they will be brought to a web page that impersonates the White house and contains a link to "Download and read the full document".

Fake White House web site

This link, though, would download a malicious Word document that prompts the user to 'Enable Editing' and 'Enable Content' to view it.

Malicious document template

Once a user enables content, malicious macros will launch that install malware onto the recipient's computer.

The site pushing the malware has since been taken down, so it is not known what malware was being distributed in this attack

Phishing scam impersonates Vice President Pence

Another phishing scam almost feels like an extortion scam where the sender pretends to be from Vice President Pence who claims to have just gotten out of a security meeting about the recipient's company.

The email states that the company is involved in human trafficking, drug dealing, and money laundering and that Pence wants to reach an "agreement" before bringing the issue to President Trump.

Email from "Mike Pence"

This particular scam does not distribute malware but does open the opportunity for the victim to respond and reach an 'agreement' with the scammer.

This most likely entails sending some bitcoins to keep the Vice President quiet.

As ludicrous as these emails sound, previous sextortion scams have proven to be very effective at getting victims to pay through scare tactics like this.

As always, phishing scammers will utilize any means to scare you into downloading malware or sending them money.

All users must be vigilant and not respond to any emails from strangers.

This is especially true during the Coronavirus pandemic, where attackers are using its fear and anxiety to push people into making mistakes they normally would not make.