Researchers at security firm Cyfirma say North Korean hackers are preparing to launch a massive phishing attack targeting 5 million people in the United States, United Kingdom, India, Japan, South Korea, and Singapore.

Cyfirma reports that the notorious North Korea-based Lazarus Group plans to launch a Covid-19-themed phishing campaign against individuals and businesses in these six countries on June 20 and 21. The ultimate goal appears to be to steal payments for coronavirus relief.

Cyfirma expects attackers to use "phishing emails posing as local governments responsible for payments for the government-funded Covid-19 assistance initiative."

"These phishing emails are designed to direct recipients to a fake website, where they are tricked into divulging personal and financial information," the report adds.

The researchers who discovered the planned June 1 attack have not revealed how the hackers intend to intercept or steal the stimulus checks, but the attackers are expected to impersonate the agencies that distribute such payments.

"Hackers plan to take advantage of such announcements to lure vulnerable individuals and businesses into falling for phishing attacks. Given that potential victims are likely to be in need of financial assistance, this campaign will have a significant impact on political and social stability.

Active for over a decade, the Lazarus Group is known for using malware, zero-day attacks, phishing, fake news, and other techniques to launch devastating state-sponsored attacks on targets in over 31 countries.

It has been blamed for the global ransomware worm attack WannaCry in 2017, the $81 billion electronic theft from the Bangladesh Central Bank in 2016, and the attack on Sony Pictures in 2014, among other crimes.

Unlike state-sponsored hackers from Russia, China, Iran, and the United States who primarily seek secret information from other countries, North Korean state hackers frequently engage in conventional cybercrime. Their cyber theft is believed to help supplement state finances.

The e-mails target people and organizations in Singapore, Japan, South Korea, India, the United States, and the United Kingdom, and the governments of these countries have announced their respective aid initiatives for people and businesses affected by the pandemic.

"The six targeted countries on multiple continents have one thing in common," the Sypharma report notes. "The governments of these countries have announced significant financial assistance to individuals and businesses to help stabilize their pandemic-affected economies.

The perpetrators are believed to use spoofing and fake e-mails to lead victims to believe that they are being contacted by government organizations. These include:

In numbers, hackers have 1.4 million for targets in the United States, 180,000 business contacts in the United Kingdom, 1.3 million personal email IDs in Japan, 2 million personal email IDs in India, 8,000 contact emails in Singapore, and 700,000 personal email IDs in South Korea.

Ilia Kolochenko, founder and CEO of web security firm ImmuniWeb, told Tom's Guide: "To combat the growing threat of phishing attacks, organizations should gradually invest in consistent cybersecurity awareness and workforce development .

"The human layer remains the weakest link, yet is often underestimated by victims. As a matter of technical cyber resilience, asset visibility, continuous security monitoring, and anomaly monitoring augmented with agile patch management can prevent most of the problems that can be addressed on the technical side.