BY CHRISTINA BELFIGLIO, OFFICE OPERATIONS & MANAGEMENT
Scammers continue to exploit the Covid-19 virus for their benefit. They have created scams seeming to come from the CDC and from employees. Below are scams to which our office has been alerted in the last week.
Please continue to share your stories so we can alert others.
SCAMS to watch out for:
- Calls from Utility Companies – callers claim to be from utility companies and claim that the utility will be shut off for non-payment. They request a form of payment over the phone in order to keep the service on. Some jurisdictions have required utility companies to halt shut-offs and fees for delinquent payments. Be skeptical of any calls from utility companies at this time.
- Video Conferencing Breaches – many reports of Meeting Bombings (strangers accessing your meeting) have surfaced in the news. Now Zoom-themed websites are popping up with malicious code built in. Ensure that you are using the actual app by going directly to their website. When possible enable security measures such as meeting passwords and an approval process for accepting members once logged in. Additional information for Zoom meetings can be found in this CNet article. https://www.cnet.com/news/zoom-every-security-issue-uncovered-in-the-video-chat-app/
- Medicare Scams – offers for Medicare benefits related to Covid-19, such as Coronavirus package or a Covid-19 kit. Typically they request personal information such as your bank information, Social Security and/or Medicare numbers.
- Monetary Relief – Fraudulent calls, texts, and emails purporting to be from the Social Secuirty Administration, IRS, Census, USCIS, and the FDIC. “These fake government messages might say that you’re approved for money, can get quick relief payments, or get cash grants due to the Coronavirus. Scammers might also promise you small business loans, or send a (phishing) alert that a check is ready to be picked up. These are all scams, and none of those messages come from a government agency.”
- Direct Deposit changes – some businesses are seeing increased imposter emails purporting to be from employees requesting changes to their direct deposit accounts. Do not reply to the email. Contact the employee directly using the information provided in their personnel file. If the email is deemed to be a scam report it to your IT department so they can blacklist the email address. Blacklisting the email address will block all emails from that address company-wide.
- Text Messages – The Federal Communications Commission (FCC) has received reports of texts appearing to be from a “next door neighbor.” Sample text:
From my next door neighbor
Just received this…from good friend of mine who works for the CDC
Please be advised, within 48 to 72 hours the president will evoke what is called the Stafford Act. Just got off the phone with some of my military friends up in DC who just got out of a two hour briefing. The president will order a two week mandatory quarantine for the nation. Stock up o whatever you guys need to make sure you have a two week supply of everything. Please forward to your network.
Discredited SCAMS which have been circulated:
- Thieves Handing out Masks laced with Chemicals –
- The claim – thieves are going door to door distributing free masks. They insist the recipient try it on. The masks are laced with a chemical that renders the wearer unconscious. The thieves then rob the homeowner.
- The Verdict – this has been reported as a FALSE claim by multiple groups including Snopes.com, Reuters.com, and Politifact.com.
Tips for recognizing and avoiding phishing emails
Here are some ways to recognize and avoid coronavirus-themed phishing emails. Like other types of phishing emails, the email messages usually try to lure you into clicking on a link or providing personal information that can be used to commit fraud or identity theft. Here’s some tips to avoid getting tricked.
- Beware of online requests for personal information. A coronavirus-themed email that seeks personal information like your Social Security number or login information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data.
- Check the email address or link. You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. But keep in mind phishers can create links that closely resemble legitimate addresses. Delete the email.
- Watch for spelling and grammatical mistakes. If an email includes spelling, punctuation, and grammar errors, it’s likely a sign you’ve received a phishing email. Delete it.
- Look for generic greetings. Phishing emails are unlikely to use your name. Greetings like “Dear sir or madam” signal an email is not legitimate.
- Avoid emails that insist you act now. Phishing emails often try to create a sense of urgency or demand immediate action. The goal is to get you to click on a link and provide personal information — right now. Instead, delete the message.
Tips for Staying Protected
- Report suspected scam to the Federal Trade Commission at ftc.gov/complaint.
- Update the software, virus and malware protection on all of your devices.
- Always Question the source and validity of the information you receive. Go directly to the source instead of clicking links or opening attachments.
- Check with your IT department at work to verify if a message is a scam or legitimate. If you receive something that appears to come from someone in your company send them a separate message or call them to verify the validity.
- Be Aware by signing up for the FTC’s Consumer Alerts to get the latest news on scams.
See our previous scam report: https://www.fortis-wealth.com/2020/03/24/scams-related-to-the-covid-19-coronavirus/