Protecting Yourself Online: How to Beat Covid-19 Scammers
According to data recently released by the Federal Trade Commission, consumers have already lost about $5.85 million to various Coronavirus related schemes ALONE and likely don’t include those that haven’t been reported to the agency. With a costly $600 average loss per instance, it’s a seemingly lucrative tactic that does not appear to be going away.
Unfortunately, it should come as no surprise that there is no shortage of malicious actors out there trying to take advantage of this unprecedented pandemic and exploit people’s anxieties to fulfill their means. All too many times, we’ve seen what can happen when one brief lapse of judgment can result in irreparable damage and our goal is to ensure that this does NOT happen to you!
Over the last few weeks, I’ve made a concerted effort to stay ahead of these Coronavirus related scams and luckily, they’re just as easily avoided as much as any other phishing/vishing-like attempt. As I always say, you can’t necessarily prevent yourself from becoming the target of a scammer – especially during a situation like this one, but what you CAN do is prevent yourself from becoming a victim, which is exactly what I want to help address today.
The Major COVID-19 Scams to Be Aware Of
One of the most common Coronavirus-related scams that we’ve seen over the last few weeks is a student loan callback scam. It’s actually a variant on a scam a lot of you may have experienced in the past, where you receive a voicemail from someone claiming to be able to help you dramatically decrease (or even totally eliminate) your student loans. A friendly voice will claim that thanks to the Coronavirus outbreak, new measures have been enacted that will positively impact your future payment obligations. All you have to do is call the number back and provide them with some basic information which they’ll likely use to steal your identity or commit some other type of financial fraud.
Along the same lines, there’s also a Social Security scam that you should be aware of – especially if you’re taking care of older relatives that have some type of existing relationship with the SSA. Here, you’ll get a voicemail letting you know that due to Coronavirus, the victim’s Social Security payments are being suspended within the next 24 hours due to “suspicious and fraudulent activity.” You’ll be directed to call a number to “discuss this critical matter that needs your urgent attention”… at which point you’ll again be asked to hand over as much personal information as possible to people who ultimately only want to do you harm.
But believe it or not, some scams are even more brazen than the ones I just outlined. There are two in particular that seem to be running rampant over the last few weeks:
- A delivery scam, where you get an email or even a voicemail from a “local business” offering to deliver you a wide range of sanitizers, toilet paper and even face masks right to your doorstep. Obviously, they’re doing this in the name of “protecting you and your loved ones” by preventing a trip to the grocery store. From there, these good Samaritans will request an up front payment that you likely will never see again OR the products they promised.
- An HVAC for Coronavirus scam, where a “highly trained HVAC professional” promises to come to your house to conduct a full air duct cleaning and sanitation procedure to make sure that the air in your home is free and clear of COVID-19. The average amount of money being charged for this scam is around $80, and good luck ever seen any service actually performed in return.
Part of what makes these scams so effective is that, from a social engineering standpoint, they’re designed to play directly into the types of things that people are already worried about. Obviously, you want to do whatever it takes to protect your family (or your employees) from harm – which is why its understandable to immediately recognize something as obvious as the HVAC for Coronavirus scam in the heat of the moment. Similarly, with so many experiencing COVID-19 related financial hardship at the moment, it’s easy for users to be caught up in the excitement of learning you didn’t have to pay interest on your student loans anymore.
This is what I mean when I say that while the specifics of the scams may have been adjusted to play directly into COVID-19 fears, the structure of the scams themselves remain largely unchanged. These people are still using the same techniques to try to trick you into handing over your personal information, your hard-earned money or, and in many cases, both. To that end, most of this is no different from a phishing email sent to an employee at your company trying to institute a fraudulent wire transfer.
The key to staying safe is to know what you’re up against, understand as much as you can about how these scams work and to do your best to remain vigilant and aware as this pandemic drags on.
At the end of the day, the old saying of “if it sounds too good to be true, it probably is” still very much applies in this context.
Don’t Become a Victim of COVID-19 Scams
Regardless of the type of scam that someone is trying to pull on you, there are a number of important steps you can take to make sure you don’t fall prey to someone with malicious intentions.
- First and foremost, be sure to hang up on any and all robocalls if you’re not already doing so. This is by far the most common way that a lot of these scams are executed.
- Ignore offers that you may see online for vaccinations and home COVID-19 testing kits. At best, you’re going to end up with products that aren’t proven to actually do anything to treat or prevent the Coronavirus. At worst, you’re going to pay someone halfway around the world a lot of money and wind up with nothing to show for it in return.
- Don’t respond to any email (and especially any text) claiming to be able to get you your “Coronavirus stimulus check” in the next few days. Not only are the details of the stimulus package still being worked out, but most Americans who file tax returns with the IRS will receive those funds via direct deposit. Those that won’t, will get checks in the mail, but that isn’t projected to happen for months.
- Understand that organizations like the FTC, the Centers for Disease Control and the FBI will never, ever try to contact you via text message. If you get a text from the FBI asking you to provide personal information for any reason, delete it quickly and move on with your day.
As always, maintaining a routine cybersecurity awareness training program will help a great deal to protect you from these types of scams. By routinely evaluating the tenets of IT hygiene with your team and reminding them of their role in maintaining your organization’s cybersecurity posture, will go further than most- if any – other IT security tool.
If you’re still worried about how to safeguard your personal and professional data from these and other COVID-19 type schemes, don’t worry – we’re all in this together. Feel free to reach out to either myself or one of my colleagues at TSI and I’d be happy to answer any questions or address any concerns that you may have.
COVID-19 Scams Are Already Popping Up Everywhere. Here’s How to Beat Them
Although things are probably going to get worse before they get better, just remember - so long as we stick together, we WILL persevere, and we WILL get through this and come out all the better for it.