COVID-19 Fraud — let’s be careful out there
Fraudsters are leveraging fears over the coronavirus as an opportunity to scam financial institutions and consumers.
A credit union in New York is sounding warnings about a scam where members receive phone calls and text messages that appear to be from the credit union asking for personal and online banking information. They’re telling members not to reply to these messages because caller ID can be “spoofed” and isn’t a reliable way to identify a caller.
A Boston credit union reported that hackers and scammers are using the potential public health crisis to take advantage of unsuspecting businesses and consumers. They added that emails have surfaced claiming to be from the Center of Disease Control and Prevention (CDC) and the World Health Organization (WHO), directing unsuspecting recipients to harmful websites that load malware or other harmful applications under the ruse of offering important pandemic information.
In response to these and other campaigns, WHO and CDC have issued alert warnings to consumers to be on the lookout for individuals posing as the organizations. The best response to communications like this is to simply delete the email — do NOT click on any links in the emails.
Opportunistic hackers are employing other tactics to take advantage of consumers.
One of the phony maps fraudsters use is Corona-Virus-Map.com, according to PaymentSource. This website claims to provide an up-to-date coronavirus map similar to another map from Johns Hopkins University.
The malicious website produces a map that nearly matches the university’s graphics. The fraudulent map contains software that steals usernames, passwords, credit card numbers and other data stored in the user’s browser.
The Corona-Virus-Map.com Trojan is distributed through infected email attachments, malicious online ads, social engineering, and software vulnerabilities, according to PCRisk.com.
Fraudsters also target consumers through a more common tactic: phishing email attacks. Phishing emails will use the virus as a lure in the subject line. The email’s text may contain false news about the COVID-19. Some emails claim to be from CDC or WHO, and others offer a link to coronavirus map of the recipient’s neighborhood, or an update on how many people have been infected. The emails attempt to trick users into enter personal information or click on a link that will download malware on user’s computer.
In summary, be careful with communications regarding COVID-19:
- Use only reputable sources when searching for information about the coronavirus.
- Be aware of phishing emails and never click unknown attachments or links.
- Be cautious of emails and phone calls offering unexpected information and asking for personal information.