COVID-19 continues to steer news headlines and disrupt the world. At the same time, cybercriminals are following the news and crafting schemes to take advantage of public fear and financial uncertainty during the pandemic. During the COVID-19 outbreak, phishing attacks have skyrocketed since February.
Scammers are targeting both individuals and organizations, so businesses must stay aware of fraud threats as they adapt to a more remote workforce.
The pandemic is changing the way businesses are financing and operating, and that’s opened the door for fraudsters to take advantage. Cybercriminals around the planet are finding ways to capitalize on the present coronavirus pandemic.
In recent weeks, numerous phishing scams have been associated with the virus, from emails, messages, fake landing pages, and malicious downloads.
How are cybercriminals and scammers exploiting COVID-19?
Coronavirus has caused fear in many of us, and scammers are aware of it and taking advantage of the situation by sending out communications designed to take advantage of it.
Cybersecurity officials have identified an influx of latest website domains concerning COVID-19 since the outbreak gained worldwide traction. Many of those domains are believed to be suspicious or are confirmed as malicious.
Varied types of scams are reported by the cybersecurity cell that includes: cybercriminals making false promises for ‘anti-coronavirus’ medication, protective equipment, more updates, and even funding requests for research and vaccinations.
Many of the recent scams concerning COVID-19 have taken the shape of cybercriminals impersonating official governing bodies, from the UN’s World Health Organisation (WHO) to Her Majesty’s Revenue & Customs (HMRC).
Types of scams
Invoice Scams
Scammers can contact any business pretending to be one of their regular suppliers. They convince the authority that their bank account details have changed due to some issues and will ask to update the payment details. If you receive any such email, immediately contact your existing supplier and ensure about any changes in the payment modes.
Impersonating as CEO
It is a sophisticated type of scam where scammers imitate as the authority of the company director or senior manager. An employee of the company may receive a call or email from the scammer claiming to be the company’s senior authority. They will ask for an urgent payment to a new account and show a sense of urgency. Scammers may even hack the staff’s email account or use spoofing software to appear genuine.
Technical support scams
People are working remotely during the crisis, so criminals may pretend as a well-known company and offer repair services. In this scam, criminals will try to gain access to computer data or fetch the passwords and login details.
After they have access, they can search the hard drive for valuable information.
COVID-19 ‘advice’/ Government grant/tax refund scams
Scammers are finding new ways to gain profit during this global pandemic. They will contact any business authority by phone, or email claiming to be a government authority or medical organization.
For instance, a cybercriminal may call an organization stating that they are qualified for a tax refund and ask for account details.
Fake Suppliers
Cybercriminals are aware of the massive demand for health products during the COVID-19 crisis. Many companies are searching for suppliers to meet the current demand.
Cybercriminals are creating fake websites and social media accounts and promoting face masks, ventilators, hand sanitizers, home cleaning products, etc.
How to Identify Suspicious Activity Associated with COVID-19
Scammers are following email trends pretending to be nonprofit organizations, offering coronavirus testing, or government agencies posing for assistance during the outbreak. These tactics allow them to play on emotions or act during a position of power to compel people to assist. to raised determine if they’re from a legitimate source, search for the next things:
Double-check email domains
confirm the emails are coming from the right domain. Example: emails from the middle for Disease Control (CDC) should have “@CDC[.]gov” rather than “@CDC[.]org” or “@CDC[.]com”.
Request for money transfer
When you receive an email from any charity, agency, or the unsolicited person asking for money via MoneyGram, Western Union, or gift card, please don’t respond to such emails.
Testing Kit Scams
If you receive an email or call stating that you are getting a coronavirus testing kit. Google it to ascertain how your state is conducting testing and don’t open the door for anyone claiming to be from the CDC, or any company/agency, offering to test.
Requests for private details
Be wary of emails, calls, and texts using the phrase “COVID” that also invites personal information, like Social Security number, checking account information, or passwords.
Unusual or unexpected senders
get on alert for emails using the phrase “COVID” from untrusted or unsolicited sources, and every one emails from an untrusted or unsolicited source which will ask you to download an attachment or a program. Unless it’s from a trusted source, you ought to never download these things.
Take care of your technology security
Don’t leave your computer or phone unattended if you’re in a public area and always lock your computer once you leave it, even reception.
If you’re feeling you are a victim of those schemes, you’ll still take action to prevent or minimize loss possibly:
- Change the password of your email account, also like your other stories immediately.
- Enable two-factor authentication on your email and other accounts.
- Notify others, which will be impacted by such a compromise.