COVID-19 continues to dominate headlines. However, some risks posed by the virus receive less coverage than others — especially when it comes to identity theft. Unfortunately, cybercriminals are always on the lookout for ways they can scam victims, and pandemics create an ideal climate for fraud.
Chances are your inbox is already flooded with emails about COVID-19. Most of these messages may be legitimate and helpful, such as school-closure notifications, event cancellations, and work-from-home instructions. But, authorities have also documented targeted phishing campaigns and other online schemes related to coronavirus.
At InfoArmor, we believe knowledge is key to protecting your data, especially in such a rapidly evolving situation. With that in mind, here’s a look at some of the coronavirus-themed attacks that are already circulating, plus a primer on the hallmarks of phishing and the PrivacyArmor features that can help.
Be wary of emails offering unsolicited COVID-19 updates or coronavirus “cures”
The promise of a cure for coronavirus can seem like a blessing in an anxious time. If such an offer lands in your inbox, though, be wary.
Last week, the Federal Trade Commission and U.S. Food and Drug Administration sent joint warning letters to seven companies for selling “unapproved and misbranded products,” such as teas and essential oils, which were falsely marketed as treatments for COVID-19. As of March 6, 2020, there are currently no vaccinations or drugs available to treat or prevent the virus. Don’t click a link from any seller who claims otherwise.
Security experts have also documented phishing campaigns from attackers posing as the Center for Disease Control (CDC) and the World Health Organization (WHO).
These fraudulent emails may be infected with malware designed to capture keystrokes, credentials, or payment information. Any unsolicited email about the health crisis should be met with healthy skepticism. When in doubt, do a quick gut-check. Would you really find out about a scientific breakthrough from a random email?
Other emerging scams may hinge on bogus coronavirus-related “charities.” Before making a charitable contribution, consider the FTC’s tips for donating wisely, including the following:
- Before giving, search the organization’s name, plus words like “scam” or “complaint”
- Do not wire money to a charity; pay by check or credit card
- Use these organizations to help you research charities
Understand the hallmarks of phishing
Phishing scams are likely to continue as the coronavirus story unfolds. The good news is that with a little practice, the hallmarks of phishing are easily recognizable:
- Blurry images
- Frequent typos
- Misspelled URLs (hover your mouse over a link to read the full address)
- Urgent requests to “act now” or send money
- Urgent requests to enter log-in credentials to unlock your account
In addition, it’s generally smart to avoid emails from unknown senders and to be wary of unexpected requests for credentials or payment.
If you’re a PrivacyArmor member, use our features to up your defenses
In times of uncertainty, people are historically more vulnerable to schemes, and the coronavirus outbreak is no exception. Luckily, there are a few things PrivacyArmor members can do right away to help protect themselves.
- If you haven’t yet done so, enable Credit Monitoring. It only takes a few moments, and it will allow us to track your credit report and score for suspicious behavior.
- Add important items, like credit card numbers, to our Dark Web Monitoring tool. We'll scour the dark corners of the internet for your details, and alert you if we find your information for sale.
- Think you might be a victim of fraud or identity theft? Our highly trained specialists are available round-the-clock to help with remediation — and our advanced planning ensures they’ll be around in times of crisis.
We know times like this can be challenging; just remember that InfoArmor is always here for you.