As the scene of the world changes faster than ever, consumers and business owners need to know how to protect themselves during these unusual times. Unfortunately, fraudsters and cybercriminals are taking advantage of the current COVID-19 pandemic. These bad actors will stop at nothing to scam you into divulging sensitive information — or even worse: cause you to suffer a financial loss. Dawn Wilcox, Director of IT Security & Compliance with First Business Financial Services, Inc. adds, “The FBI is reporting a rise in fraud schemes related to the coronavirus pandemic such as phishing fundraising emails, counterfeit treatment products, and fake Center for Disease Controls (CDC) emails.”
With the stage set during so much uncertainty, now more than ever it’s crucial we all know what to look out for and how we can mitigate current schemes as much as possible. Wilcox, a cybersecurity expert, suggests you focus your attention on the following potential fraud threats against you personally and your business.
ACT I – Emails
Beware of all emails that appear to be from the CDC or World Health Organization.
- First, if you didn’t sign up for emails from one of these organizations, you won’t receive emails from them.
- Second, if you are on a mailing list for one of these organizations, beware that the organization’s email address can be easily spoofed. Never click on a link within the email; always open a new browser and go directly to the known, official website to read any news that they may have published.
Beware of all emails that offer medical advice to help protect you against COVID-19.
- The emails might claim to be from medical experts that say some version of, “Use the link below to download Safety Measures.”
- If you receive this type of email, do not open it, do not click on any links, and promptly delete the email. Up-to-date advice about protecting yourself from COVID-19 is available from the CDC at cdc.gov or visit your healthcare provider’s website.
Beware of all emails you receive from your clients, suppliers, vendors, etc.
- Fraudsters first compromise an account from one of your clients, suppliers, vendors, etc., then use the compromised account to phish you unknowingly.
- If you have any doubt about the legitimacy of an email from one of your clients, suppliers, or vendors, pick up the phone and, using a number you have from a previous invoice or your system, call the sender to confirm its legitimacy before opening it.
ACT II – Mobile
Beware of smartphone malware.
- Smartphones are being infected with malware that triggers a process making a web page pop up claiming to be a “Coronavirus Finder.”
- For a small fee, payable by credit card, it claims to show you people nearby who are infected with the virus. Of course, the actual scam is to get your credit card info and exploit it for more money.
Beware of text messages you may receive.
- A text message scam may falsely advertise a cure, an offer to be tested for coronavirus, or provide COVID-19-related financial assistance.
- Do not click on links in any texts that you receive, unless you know with certainty that the text message is from a legitimate source and you expected the message.
Intermission:
Take a breath! While it’s not our intent to scare anyone, being extra vigilant will help to ensure you don’t fall victim to one of these schemes.
ACT III – Phone
Beware of robocalls.
- The Federal Communication Commission has received reports of robocalls professing to offer free virus test kits, in an effort to collect consumers' personal and health insurance information.
- One version of this scam targets higher-risk individuals with diabetes, offering a free COVID-19 testing kit along with a free glucose monitor.
- Other robocalls proport to sell fake cures and ask for payment over the phone. Further, some robocalls are from fake charities trying to take advantage of your generosity. Be sure to research the charity before making a donation, even if it sounds legitimate.
ACT IV – Checks
Beware of government-issued check scams.
- The newly passed CARES Act will provide individual assistance to many Americans. However, no one will call or text you to verify your personal information or bank account details to "release" the funds.
- To set up direct deposit of your check, communicate only with the IRS at irs.gov/coronavirus. You only need to do this if you didn’t give the IRS your direct deposit information on your 2018 or 2019 return.
While the “Acts” above might not be from your favorite play, rest assured that with your extra diligence you can stay safe and be protected. Continue to educate yourself in the weeks and months to come while being even more sensitive to anything that just doesn’t seem right or normal. According to Wilcox, some of the most robust websites to routinely get the latest fraud scam information are fbi.gov, consumer.ftc.gov, and us-cert.gov. Some added vigilance is all that’s required to continue on without becoming a victim of fraud in this Pandemic Play in which we are currently living.