Avoid Common COVID-19 Scams

As the situation regarding COVID-19 continues to develop, criminals are using this as an opportunity to take advantage of public fears by widespread use of common scams that target personal information. The Federal Trade Commission, the World Health Organization and the Secret Service have all issued warnings about an uptick in scams related to the virus, and groups like the Cyber Threat Coalition have come together to fight digital crime and scams related to COVID-19.

With more and more people working from home, companies forced to only utilize virtual contact have seen a higher number of people falling victim to phishing emails. These emails will ask you to either reply with personal information or open a malicious link or attachment that can install malware on your personal device. Before you send that message or click that link, verify the email address to make sure you’re sending your information to someone you mean to. A common trick known as “typo squatting” involves changing one letter in a URL or email domain to create the appearance of a secure connection, when the reality is quite the opposite. On that note, always consider why someone is requesting your personal information and whether the request is appropriate. With links, hovering over any link should display the url it will take you to, whether next to the cursor in an email client or in the bottom left of the browser screen.

With the closure of non-essential businesses, the amount of online shopping has increased, both for essential and non-essential items. Although you are probably more familiar with their use at gas station pumps or exterior ATMs, the use of credit card skimmers in online shopping carts has risen recently, and this situation is of no help. Generally, try to stick to big retailers with a good track record of site security; if that isn’t possible, at least make sure the site has a secure SSL certificate (check the lock icon at the left side of your browser's address bar), and never enter personal information into a page that is displaying an advertisement. Though it can be technical at times, this podcast episode is a good overview of how online retail credit card skimmers operate.

If you believe you have given data such as your username/password combination or credit card information to cybercriminals, immediately change the login information to any affected sites and/or notify your bank’s help line of the incident.

Outside of cyberspace, scammers have been attempting to trick people into purchasing medical supplies like test kits and N-95 masks, securing an upfront payment, and then never delivering on their promise. While this is a common email technique, you could also receive a call from a party attempting this tactic. Don’t hesitate to hang up on robocalls, and any unsolicited calls regarding in-demand supplies should be treated with heavy apprehension at the very least.

Incorrect information about the pandemic, whether from malicious or uninformed well-meaning sources, can also cause undue stress within an already tense public atmosphere. Before passing on information, contact trusted sources to verify the information is correct. Additionally, do your research before making charitable donations; many schemers have been exploiting the pandemic to operate legitimate websites to solicit funds for fraudulent causes.

If you come across something you believe may be a covid-19 related scam, the World Health Organization has a form available on their website for tracking these occurrences. We will be continuing to update our site with guidance as this situation develops, until then stay safe and stay prepared.

insightsAlex Chiasson