Coronavirus: Be on the Alert for Scams
While times of adversity and difficulty most often brings out the best in people, unfortunately is also can bring out the bad in others. There are several known scams being perpetrated on the vulnerable. We have collected a list of the most common ones and tips on how to avoid them.
Cybercriminals and fraudsters are leveraging the COVID-19 pandemic to attempt to steal money by obtaining your personal information. Recognizing and avoiding these schemes is the best way to protect your accounts and identity.
Some common email and social media schemes include:
- Emails or posts asking for account information to receive a stimulus check from the IRS.
- Fake Centers for Disease Control and Prevention (CDC) or other organization emails with links promising information about the pandemic.
- Other phishing emails that ask for your personal information in exchange for fake testing kits, fake vaccines/cures, charitable contributions, or airline carrier refunds
Public Health Scam – Fraudsters are sending messages that claim to be from the Centers for Disease Control and Prevention (CDC), World Health Organization (WHO), or other public health offices. They may ask for Social Security numbers, tax IDs, etc. Other variations direct you to click on a link or download a document. Remind your staff not to respond to messages like this – and definitely don’t download anything or click on links in unsolicited email. It’s the latest form of phishing aimed at stealing confidential data or installing malware on your network.
Government Check Scam – There may be financial help for individuals and businesses in the future. Criminals read those headlines, too, and use them to make their phony pitches sound more credible. If someone calls or emails you out of the blue claiming there’s money available from a government agency if you just make an up-front payment or provide some personal information, it’s a phony.
Business Email Scams – Frauds perpetrated via business email. For example, in a CEO scam, an employee gets a message that appears to come from a company higher-up directing the person to wire money, transfer funds, send gift card codes, etc. In reality, a con artist has spoofed the boss’ email address or phone number.
The economic upheaval caused by the Coronavirus has led to a flurry of unusual financial transactions – expedited orders, cancelled deals, refunds, etc. That’s why an emergency request that would have raised eyebrows in the past might not set off the same alarms now. Compounding the problem is that teleworking employees can’t walk down the hall to investigate a questionable directive. Warn your staff about these scams and give them a central in-house contact where they can verify requests they may receive.
IT Scams – It works like a CEO scam, but this time the call or message claims to come from a member of your technology staff asking for a password or directing the recipient to download software. These scams pose a particular problem now due to what cybercrime experts call social engineering: the dark art of manipulating human behavior to facilitate fraud. Your employees already may be distracted by changes to their routine and your tech support team is swamped. Taking advantage of this temporary “upside down-ness,” con artists may do a quick online search to glean a tidbit to really sell their story – for example, “I spoke with Fred, who said you were having a computer problem” or “The meeting has been shifted to our new teleconferencing platform. Here’s the link.” Your best defense is a workforce warned against this form of fraud. Again, an in-house source for accurate information can help protect your company.
Supply Scams – With many businesses scrambling for supplies, it’s wise to heed warnings about websites that mimic the look of well-known online retailers. They claim to have the essentials you need, but in reality, they’re fakes that take your “order,” grab your credit card number, and run. The safer strategy is to type in URLs you know to be genuine. And before taking a chance on an unfamiliar supplier, check them out with trusted industry colleagues.
RoboCall Scams – While working from home, your employees are hearing a new crop of annoying – and illegal – robocalls. It’s no surprise that fraudsters who already flout the law would try to exploit people’s COVID concerns. Some of these “tele-phonies” pitch bogus test kits and sanitation supplies. Others have businesses in their sights. Recording targets “small business who may be affected by the Coronavirus,” warning them to “ensure your Google listing is correctly displaying. Otherwise customers may not find you online during this time.” These are not new scams and the call definitely isn’t from Google. Remind your staff that the only right response to an illegal robocall trying to sell something is to hang up.
Data Scams – The rest of us may be adjusting to new ways of working, but it’s business as usual for hackers. With more people telecommuting, hackers are hoping companies will drop their online defenses, making it easier to infiltrate data-rich networks. We have tips to help your staff maintain security when working from home.
Also, the National Institute of Standards and Technology (NIST) has resources on making a safer transition to a remote workplace. A good place to start: NIST’s updated Telework Cybersecurity page.
- Check out NIST’s infographic, Telework Security Overview & Tip Guide.
- Read their recent bulletin on Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions.
- And review their advice on Navigating the Conference Call Security Highway.
If you suspect a COVID-19 fraud, report it to the FTC. Click here to report a possible scam.
- Report Phishing and Online Scams
- Those who receive unsolicited emails, text messages or social media attempts to gather information that appear to be from either the IRS or an organization closely linked to the IRS, such as the Electronic Federal Tax Payment System (EFTPS), should forward it to firstname.lastname@example.org.
TIPS TO IDENTIFY SCAMS
The IRS reminds taxpayers that scammers may:
- Emphasize the words “Stimulus Check” or “Stimulus Payment.” The official term is economic impact payment.
- Ask the taxpayer to sign over their economic impact payment check to them.
- Ask by phone, email, text or social media for verification of personal and/or banking information saying that the information is needed to receive or speed up their economic impact payment.
- Suggest that they can get a tax refund or economic impact payment faster by working on the taxpayer’s behalf. This scam could be conducted by social media or even in person.
- Mail the taxpayer a bogus check, perhaps in an odd amount, then tell the taxpayer to call a number or verify information online in order to cash it.
AVOID CORONAVIRUS SCAMS
Hang up on robocalls. Don’t press any numbers. Scammers are using illegal robocalls to pitch everything from scam Coronavirus treatments to work-at-home schemes. The recording might say that pressing a number will let you speak to a live operator or remove you from their call list, but it might lead to more robocalls, instead.
Ignore online offers for vaccinations and home test kits. Scammers are trying to get you to buy products that aren’t proven to treat or prevent the Coronavirus disease 2019 (COVID-19) — online or in stores. At this time, there also are no FDA-authorized home test kits for the Coronavirus. Visit the FDA to learn more.
Fact-check information. Scammers, and sometimes well-meaning people, share information that hasn’t been verified. Before you pass on any messages, contact trusted sources. Visit What the U.S. Government is Doing for links to federal, state and local government agencies.
Know who you’re buying from. Online sellers may claim to have in-demand products, like cleaning, household, and health and medical supplies when, in fact, they don’t.
Don’t respond to texts and emails about checks from the government. The details are still being worked out. Anyone who tells you they can get you the money now is a scammer.
Don’t click on links from sources you don’t know. They could download viruses onto your computer or device.
Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts saying they have information about the virus. For the most up-to-date information about the Coronavirus, visit the Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO).
Do your homework when it comes to donations, whether through charities or crowdfunding sites. Don’t let anyone rush you into making a donation. If someone wants donations in cash, by gift card, or by wiring money, don’t do it.
OTHER SOURCES TO HELP AVOID SCAMS
AARP Tele-Town Hall: Staying Safe: Protect Your Health, Wealth and Loved Ones – During the 90-minute live event, government experts answered questions about health concerns. caregiving and avoiding scams related to COVID-19. Listen now.