Since January 1, people across the U.S.
have made 91,808 COVID-19-related
reports to the FTC*. The best way
to avoid current fraud scams is to
understand how these scams usually
work. Here is a list of some of the most
common ways that fraud perpetrators
and identity thieves are targeting
consumers.
Phishing scams are a fraudulent attempt
to obtain sensitive information utilizing
emails, phone calls and/or text messages
purporting to be from a reputable
source. In many instances, impostors
have been preying on the publics
fear around COVID-19 to help execute
their criminal act. A few examples of
COVID-19 phishing scams are:
- Consumer relief package scam: As
the economic fallout of the COVID-19
pandemic continues, attackers are
leveraging consumer anticipation of tax
relief and government-issued economic
stimulus plans. These attacks trick
victims into dropping their guard and
clicking a malicious link.
- Help desk impersonation: At a time
when technical support teams are
helping employees transition to remote
workstations, cybercriminals are
impersonating IT help desks to take
advantage of their increased visibility
and communication. Employees working
remotely for the first time are likely
in contact with IT and security teams
more than ever before. Employees
anticipation communication from your
help desk may be more susceptible to
clicking a malicious link in this type of
attack.
- Safety measures turned malicious:
This phishing attack impersonates a
coronavirus specialist from the World
Health Organization to trick victims with
two malicious options. The email urges
the victim to download a malicious file
disguised as a safety document. The
attack also gives the victim the option to
click a “Safety Measures” button. If the
victim clicks the link, they are redirected
to a spoofed World Health Organization
site and prompted to provide their email
address and password.
Ransomware is a malicious software
this is downloaded, typically through
a phishing scheme, that encrypts
computer files and locks devices
until a ransom is paid. With many
institutions and employees now
working remotely, cyber criminals
have deployed sophisticated electronic
communications in order to extort
businesses and individuals.
Business Email Compromise is a
fraudulent email requesting a change in
payment delivery and/or method using
a compromised email of a business
executive or a spoofed email looking
similar. Bad actors utilize social media
outlets to research business leaders
and corporate structure in order to
orchestrate their attacks. A large
mobile work force and fear of business
disruption have aided in the overall
success of this scam.
Fraudulent unemployment claims are
when cyber criminals file a claim using
compromised data believed to be
from previous notable data breaches.
With many unemployed or negatively
impacted by the pandemic, criminals are
taking advantage of speedy relief funds
and programs with stolen personal
information for their financial gain.
As in the past with natural disasters
and states of emergency, criminals
have created many spoofed websites
intended to victimize those looking to
make donations or financially support a
cause. With many looking to help others,
crooks have created websites looking
identical to legitimate entities that make
spotting the fakes difficult.
For more information on how to protect
yourself from COVID-19 fraud threats,
visit CNBank.com/COVIDFraud.
*Source: www.FTC.gov