Know some important ways to protect yourself from fraud and scams associated with COVID-19.
We might have shrugged our shoulders as kids when we heard the advice to "never talk to strangers." We also may have underestimated the danger of entertaining something suspicious or inherently dangerous for us on more than one occasion, until it actually happened to us.
It's been over two months since the health crisis started and its economic impact has been felt around the world. Unfortunately, according to an article from the BBC, there has been an unprecedented increase in the number of reported scams due to the pandemic. It’s important to be aware of possible scammers and hackers who may be taking advantage of the situation - looking for possible inroads through email inboxes, phones, and websites of consumers and businesses.
To protect yourself from these frauds and scams, here are some unique examples of COVID-19-based phishing exploits that have been reported recently:
-People are receiving unsolicited work from home job offers via email. Be wary of any unrequested offer received via email, especially if you did not apply or interview for a position with a company.
-With the increase in the number of people telecommuting, scammers are sending emails from internal company domains with fake links to work from home policy and procedure documents. Stay educated about your company’s policies and Human Resource practices.
-Individuals are receiving alert emails from organizations claiming to be the Center for Disease Control (CDC), World Health Organization (WHO), or other expert institutions with information about the virus. These groups would not send emails of this type unless you subscribed to notifications. Always visit the websites of these groups for the most up-to-date information.
-To date, there is no vaccine for the novel coronavirus, however, people are receiving information via email and pop-ups offering vaccinations and other health advice. The Federal Trade Commission (FTC) has recently issued seven cease and desist orders to groups who were advertising these types of products.
-It is human to want to help others in a crisis, especially one that impacts vulnerable groups such as seniors and children. Criminals are taking advantage of that instinct by running charity scams through social media and phone calls related to the COVID-19 pandemic, soliciting donations for medical treatment or food drives. Do not donate money via Bitcoin.
-With various state, local, and federal governments determining ways in which to help people and companies who are financially impacted by this crisis, there are scams circulating that claim to provide access to government loans, tax refunds, or payments. In a real-life situation, this is not how the information would be provided to the public.
-Emails with infected attachments providing information on the pandemic, from how to protect yourself and how to make your own hand sanitizer, to statistics and information on the pandemic, have been making the rounds. Do not click on or open these attachments.
In times like this, the same rules apply to avoid phishing scams. Phishing.org provides a great listing of ten actions to take:
-Keep informed about phishing techniques. The more you know about what scammers are doing, the less likely you are to be a victim.
-Think before you click! People are worried, afraid, and concerned about the pandemic. They may fail to think before they click on a link to “breaking news” or “cures” for the novel coronavirus.
-Install an anti-phishing toolbar. Usually available as a browser plugin or add-on, these tools can help to identify phishing websites and advertisements. Check with your IT or Security department to see which ones are approved for use in your organization.
-Verify a site’s security. Check to see that the web site URL begins with “https” and that the closed lock icon is displayed. Also, watch the lower left-hand corner of the web page as the site page loads to ensure that the URLs match.
-Check your online accounts regularly. We all have that online account that we set up and only visit once or twice a year when needed, like a streaming subscription site. However, these sites may hold personal and credit card information that a hacker can access and use without you realizing it. Log in to your accounts more often and make sure you update to a strong password.
-Keep your browser up to date. Whenever an update is released, run it immediately and check all browsers you may use to make sure they are kept up-to-date.
Use firewalls. Using a personal, or desktop firewall is a critical security component for connections that are always “on.” Your organization should have network firewalls to protect network infrastructure.
-Be wary of pop-ups and use pop-up blockers in your browsers to avoid these nuisances. If you must close a pop-up window, use the “X” in the upper corner of the window. Also, be wary of email attachments, which can contain malware.
-Never give out personal information. Guard your data as if it were gold because it is that precious. Your personal data (financial, sensitive, medical, etc.) in the hands of a scammer can not only be used to rob you but can also be sold for others to use maliciously.
-Use anti-virus software. Keep your anti-virus software up to date and be sure to scan your device on a regularly scheduled basis.
Regardless of unforeseen events or disasters, it’s important to stay educated. In times when our financial anxiety might be heightened due to the pandemic, many scammers will use this as an opportunity to take advantage. So, make sure to practice increased diligence in keeping your personal data and resources private and safe. If you’ve experienced any forms of scams or online fraud, make sure to report them immediately to local authorities.
For additional resources about security awareness, here’s a presentation from San Mateo County District Attorney’s Office and San Mateo County Aging and Adult Services.