Cybercriminals will do anything to make a quick buck.
And that includes preying on people during the worst crisis of a generation. The coronavirus pandemic has led to an increase in scams across the world. The attempted fraud ranges from phishing emails that hide malware to malicious SMS messages trying to access your smartphone.
The lesson is this: stay alert to all threats, especially now it’s all too easy to let other distractions take over. For if you fail to spot the scam, you’ll put yourself at risk of downloading another sort of virus.
Here are some of the most common attacks currently doing the rounds.
A Bogus World Health Organization Email
There are several phishing emails in circulation, each trying to trick you into clicking a link. A scam email we saw in mid-March claimed to be from the World Health Organization. It asked the recipient to ‘click on the button below’ to download safety measures against Covid-19.
However, if you clicked this link, what you actually downloaded was a hidden computer program that gave cybercriminals a way to track keystrokes on your keyboard. From there, the hackers could steal card information, passwords — anything you typed. Sadly, this has been just the first of many phishing attempts.
Shoals have arrived in recent weeks, each looking to deceive and defraud:
- Some try to lure you to an apparently-legitimate website that asks for personal information ‘on behalf of’ the United Nations or the Center for Disease Control and Prevention;
- Others (like the bogus WHO email) try to convince you to click a link before downloading ransomware that requires you to pay a sum of money if you want the thieves to unlock your computer files.
There are even phishing emails asking for money directly: be it for cures, vaccines, or medical equipment (FYI: at the time of writing, there are no cures or vaccines). One message requested $4.95 to cover shipping costs for a vaccine kit; another offered a free bottle of hand sanitizer on your next Amazon order, provided you share your login details.
Both claims were, of course, fake. The above goes to show: phishing emails can take any form, but being aware they exist puts you in a strong position to avoid them.
The Fake Real-Time Virus Tracker App
A second threat to emerge has been text messages sent to phones.
One such SMS contained details of an app that could track the coronavirus’s spread in real-time — with a message along the lines of, ‘Click here to be the first to know when it’s spreading in your community.’ But the link did no such thing. Rather, if you clicked it, you downloaded an app that could:
- Listen to you via your phone microphone
- Watch you via your smartphone camera
- Read every message on your device
Other messages have included links to claim free face masks from the Red Cross and ways to request an additional $1,000 from the government to help you through the crisis. You’d think now was a time for the world to pull together… it seems cybercriminals think otherwise.
8 Ways To Fight The Coronavirus Scammers
It doesn’t take a computer science degree to spot a cyber-scam. All you need to follow is a few bits of simple advice to stay cyber-safe. Then, you can focus on the more pressing matters of the day.
- Always Think Before You Click
The simplest advice to give, often the hardest to follow. When you see a link, instinct says, ‘Click it.’ You must rewire your brain to think, ‘question it’ instead. Often, you won’t recognize the sender, which makes it easier to spot the risk. However, even if you think you know where a message came from, always question if it’s legitimate.
- Check The Source
Any request — be it via email, SMS, or phone call — that asks for personal or financial information is most likely fake. If you receive such an ask, contact the organization directly to confirm if they sent the message. Alternatively, forward anything suspicious onto www.usa.gov/stop-scams-frauds, so the authorities can track the risk.
- Warn Your Friends
If you get a suspect message, let people know, ‘a scam is doing the rounds.’ And keep a lookout for less tech-savvy relatives: some people won’t realize the risks that lie in emails, text messages, even social media — help them stay safe.
- Keep Passwords Strong
Make sure your passwords are long, complicated, and unique. Don’t use the same password across accounts. And if you can, update passwords every few months. If you’re worried you’ll forget them, use a password manager to make sure you don’t.
- Use Antivirus Software
Robust antivirus software is the best defense against a cybersecurity attack. Download it to all your devices and set it to auto-update. Then, you’ll stay safe from the latest malware, ransomware, and all. It might be OK to use a free option, but you’ll feel much more secure if you pay for comprehensive coverage.
- Be Wary of Public WiFi
We’re spending more time than ever at home. Still, if you do go out, resist the temptation to use public WiFi. These connections are a hotspot for cyberthieves to try to access your data. If you need to browse while out, then use a virtual private network.
- Stay Safe While Shopping
Fake websites are a criminal’s best friend. They’re easy to use to steal personal details, including login credentials and payment information. Make sure to shop on reputable retailer websites only. Always lookout for the little lock icon in the browser status bar. And make sure website URLs start with https — as the ‘s’ indicates a site is secure.
- Know Your Back-up Plan
Your absolute last line of defense is data back-up. If you have a back-up, you’ll always be able to retrieve information if you do fall victim to ransomware or a virus. All you need is a USB stick or external hard drive — and access to the cloud.
And there you have it! Eight ways to avoid trickery at this already treacherous time.
If you’re still worried about being scammed, give Mid-coast Tech a call on 207-223-7594 — we’d be delighted to walk you through setting up the right antivirus software to keep you 100% secure.