While the rest of us are adjusting to the new “normal” of staying inside, hackers have gone into full overdrive with scams related to the coronavirus pandemic.
From fake outbreak maps to scams involving the new coronavirus stimulus package, users are being inundated with phishing designed to prey upon their fears from the pandemic.
Phishing attacks rose over 660% in between February and March, 2020.
The distraction of changed routines and the general fear of uncertainty makes people more vulnerable to these attacks.
Protective steps you can take include:
- Remote device protection through services like WebGuardian
- Knowing what types of attacks are likely to show up in your inbox
Read on for a list of nine of the most dangerous COVID-19 phishing scams to be on high alert for.
9 New Coronavirus Scams to Avoid
It’s important to stay vigilant against phishing scams. You don’t want to suffer a data breach or identity theft on top of everything else you’re dealing with right now.
Best practices to avoid becoming a phishing victim include:
- Never trusting unexpected emails or those from unknown senders
- Hovering over links without clicking them to reveal a true URL
- Carefully reviewing the sender’s email address (look for slight misspellings)
- Visiting websites by going directly to them in a browser, not by clicking a URL in an email or social media message
- Double checking any unusual or unexpected emails from colleagues, friends, family
Here are several of the main coronavirus scams going around. In all cases, the URLs in these phishing scams take users to malicious websites that can download malware, steal login credentials and other sensitive data, or scam them out of money.
Outbreak Maps
These types of scams generally pretend to be from an authority like the World Health Organization (WHO) and will even use their logo to fool the recipient.
They give a link to a map of “outbreaks in your city” and prey upon a fear many people have of knowing how close the pandemic is to them and their family.
Fraudulent Cures or Protective Equipment
Large online retailers like Amazon and eBay have been working to shut down these types of scams, but it’s like “whack-a-mole.” As soon as one is stopped, another one or two pop up.
These scams promise things like fake cures or preventative measures. They can also offer protective masks and other PPE that end up never coming.
Android Map App
Another map related scam going around attacks Android devices with ransomware and other malware. The malicious app claims to offer access to a virus-tracking map that updates in real time.
But the app contains ransomware and can lock a user out of their device as soon as its installed. The hacker then demands $100 (or more) in bit coin to unlock the device.
Fake “Freebies” from Costco
This scam is typically sent by text message and it promises $110 in “goodies” or a $100 “bounty” for “loyal customers” of Costco. It asks the recipient to click a link to fill out a survey.
Here is an example of how this scam looks courtesy of the FBI San Diego.
Work Policy Update
This scam targets all those at home workers that might be less connected to their office than usual. It purports to be from their company’s HR department and directs employees to review the company’s updated policy related to coronavirus.
It gives a link to what appears to be a PDF but is actually a link to a malicious site.
Stimulus Check Scams
Now that the stimulus package titled, the Coronavirus Aid, Relief, and Economic Security (CARES) Act has been passed, several related phishing scams have emerged.
These scams often use a scare tactic, such as “don’t miss out on your stimulus check,” and direct the user to a link to sign up to ensure they receive their money.
Donation Scams
Donation scams to fake charities are all too commonplace, and they’re out in full force right now. These emails pretend to be from organizations like the Gates Foundation, but often have slight misspellings in the email URL and other phishing giveaways.
They’re designed to steal your money and potentially your credit card details as well.
Fake CDC Safety Measures
Another scam that uses the logo of a well-known organization is one that pretends to be from the CDC. It offers a link to coronavirus “safety measures” that should be taken to remain safe from the virus.
Help Desk Scams
This is another of the scams taking advantage of newly remote workers. It pretends to be from an IT support company working for the recipient’s company.
It notes that due to the global pandemic they’re taking security measures to deactivate user email. If the recipient doesn’t want their email impacted, they’re directed to click a link to “confirm non removal of email.”
Get Phishing Protection & More with WebGuardian
WebGuardian by Two River Computer offers a number of safeguards that can help protect you from phishing attacks and malware infections.
Contact us today to learn more! Call 732-747-0020 or reach us online.