The coronavirus pandemic has not only changed life as we know it, it’s become an event of opportunity for scammers.
Between February and March of 2020, phishing attacks jumped by 667%. Hackers have spared no time in trying to take advantage of pandemic fears with a number of COVID-19 phishing scams.
These scams are designed to exploit the need for information and confusion regarding how to stay safe. They target everyone from remote employees to students to individuals.
While good IT security is a must when it comes to protecting yourself from online threats, half the battle is being aware of the scams that could be lurking in your inbox.
We’ve listed some of the prevalent coronavirus phishing scams below, followed by tips on how to avoid becoming a victim.
COVID-19 Phishing Scams to Watch For
The FBI put out a public service announcement on March 20, 2020 warning of a rise in fraud schemes related to the pandemic. It’s more important now than ever before to be on high alert for phishing to avoid downloading malware, ransomware, or becoming the victim of a data breach or identity theft.
Following, are the scams to be aware of.
Fake Update to Work Policy
This scam takes advantage of newly remote workers that might not have the same communication with their office as usual. It will often insert the company name (easily obtained from the domain on the email address) to seem more legitimate.
It gives a link to a new company policy relating to coronavirus or communicable diseases in general and says the employee is required to read it by a certain date.
Like most of these phishing scams, the link takes the user to a malicious page that does a drive by download of malware.
False Maps of Outbreaks
There are several scams going around promising people real-time maps of the COVID-19 outbreak related to their city or area. They prey upon the fears people have and their need for local information.
This scam comes both by email and in the form of a malicious mobile app that’s been spotted attacking Android user devices with ransomware.
Fake University Information
It’s not just workers who have been sent home, students have as well. This next scam takes advantage of university students that are wondering what’s happening when it comes to their classes and credits.
It’s another email that uses the ploy of a real organization name to try to fool the user into believing it’s legitimate. The email directs the student to coronavirus information, but it’s another malicious link. This one can direct the user to a “login form” that spoofs that of their university in an attempt to steal passwords.
Safety Information Scam
This scam often uses the logo of a real organization (like the CDC or World Health Organization) and uses a doctor or other health professional for the signature.
It promises important coronavirus safety information and gives a URL that ultimately leads to a malicious website.
Fake Products for Sale
There are several scams that are particularly costly because they not only sell the victim fake products, they also steal their credit card details for fraud purposes.
These scams will try to sell everything from faulty PPE (gloves, masks, etc.) to fake COVID-19 cures and preventatives.
How to Avoid Becoming a Phishing Victim
Protective measures against coronavirus phishing scams are going to be the same that you take against any type of phishing. Here are the best practices to avoid becoming a victim of a phishing scam.
- Hover Over Links: Always hover over links without clicking them. This reveals the true URL, which often is a dead giveaway to a phishing scam.
- Double Check Unexpected Emails: If you receive a work or school email that is related to COVID-19, double check that it’s legitimate. Call or video chat with someone from your company or school that you trust and could tell you if the email was really from them.
- Use a DNS Filter & Antivirus: Two basic, yet very effective protections against malware and phishing attacks are using an antivirus and DNS filter (blocks malicious websites).
- Visit Websites Directly: Is that COVID-19 map email that says it’s from the CDC legitimate? You can find out by going directly to the CDC to look for a map. Go to websites directly instead of clicking links in unsolicited emails.
- Always Assume It’s a Scam: Anytime you receive an unexpected or suspicious email, it’s smart to assume by default that it’s phishing and look for clues that it’s not, rather than the other way around.
Keep Your Data & Devices Protected
Cris’s Tech Repair offers both business and residential managed service plans that can keep your devices and data protected in multiple ways.
Contact us today to learn more at 561-985-4961 or through our website.