March 24, 2020
Criminals are opportunists. They will often capitalize on major news events to create scams to take advantage of unsuspecting consumers. The ongoing coronavirus pandemic is a perfect example. The fear evoked by the COVID-19 creates the perfect opportunity for criminals to prey upon individuals with phishing, social engineering scams and more.
Some of the potential scams to watch out for include:
Phishing: The fraudulent practice of sending emails disguised as coming from reputable companies in order to entice people to reveal personal information, such as passwords or credit card numbers.
Social Engineering: The use of social media to seek donations for fake charitable causes.
Nondelivery Scams: Fake advertisements for in-demand medical supplies that can be used to prevent/protect against the coronavirus. The criminals will demand upfront payment or initial deposits then keep your money and never complete delivery of the ordered products.
The U.S. Secret Service Agency offers the following advice regarding the above scams:
- Phishing Emails/Social Engineering — Avoid opening attachments and clicking on links within emails from senders you do not recognize. These attachments can contain malicious content, such as ransomware, that can infect your device and steal your information. Be leery of emails or phone calls requesting account information or requesting you to verify your account. Legitimate businesses will never call you or email you directly for this information.
- Always independently verify any request for information that appears to come from a legitimate source.
- Visit websites by typing in the domain name yourself. Receiving “certificate errors” can be a warning sign that something is not right with the website.
The Federal Bureau of Investigation and the World Health Organization say individuals are already using the coronavirus to impersonate WHO officials to steal money or sensitive information. If you are contacted by a person or organization that appears to be from WHO, verify their authenticity before responding.
The World Health Organization will never:
- Ask you to log in to view safety information.
- Email attachments you didn’t ask for.
- Ask you to visit a link outside of www.who.int.
- Charge money to apply for a job, register for a conference or reserve a hotel.
- Conduct lotteries or offer prizes, grants, certificates or funding through email.
- Ask you to donate directly to emergency response plans or funding appeals.