black-banner.jpg

Coronavirus (COVID-19) Scams, Phishing Schemes and More!

 

The coronavirus (COVID-19) has provided fuel for cyber criminals to prey upon the public’s concern about this global crisis. The scams are designed to trick people into sending money, to disclose personal information or to click on emails and websites that deliver computer malware onto your computer or network. These include:

  • Impersonating a legitimate medical or health organization selling products that claim to prevent, mitigate, treat, diagnose or cure coronavirus.
  • Posing as a government organization claiming to provide information about coronavirus, such as heat maps or infographics.
  • Seeking donations for charitable causes related to the virus.
  • Posing as an in-demand medical supply company offering to sell hard-to-find medical supplies to protect against the virus.

Learn the characteristics of some of the most common scams and how to protect you and your family.

Coronavirus Phishing

phishing credit card data with keyboard and hook symbol 3d illustration

Email or text messages may tempt you to click on a link promising urgent news about coronavirus or to share personal or banking information. Phishing attacks are designed to resemble legitimate correspondence and rely on your inability to spot them. Red flags include:

  • Misspellings
  • Grammatical errors
  • Creating a sense of urgency
  • Requesting personally identifiable information (PII)
  • Requesting user IDs and passwords
  • Threatening with consequences
  • Making demands
  • Take action

For more information on how to spot and avoid a phish, see Learn How to Catch a Phish.

Charitable donation scams

Fraudsters may seek donations for charitable causes, posing as legitimate medical and/or health organizations. Email requests may be highly convincing as fraudsters are able to match the logos and formats of actual organizations and can create fake website URLs. Be cautious about the following:

  • Requests to send charitable donations by gift card or by wiring money are red flags. Ask for detailed information about the organization and do not share personal information until you have researched the charity. Check with the (External)Internal Revenue Service(External)Better Business Bureau(External)GuideStar.org or(External) Charity Watch to verify that the charity is legitimate.
  • Do not respond to emails, text messages or social media posts asking for donations. It is better to contact the charity directly through its official website or phone number.
  • Be wary of giving to fundraising platforms/crowdfunding sites. While these sites contain many worthy causes, they do not screen users for authenticity. Ensure you are donating to a legitimate source.

Coronavirus Medical and supply scams

Protective mask and a hand sanitizer

Scammers may set up fake websites that offer “cures” (both natural and pharmaceutical), vaccines, testing kits and items that are in short supply at a low price, such as hand sanitizer.

These phony websites may be designed to steal your credit card information or infect your computer with malware. Scammers may also demand payment up front, and then fail to deliver the ordered products. Tips to avoid a scam include:

  • Ignore online offers for vaccinations and remedies for coronavirus. There currently are no vaccines, pills, potions, lotions, lozenges or other prescription or over-the-counter products available to treat or cure coronavirus disease 2019 — online or in stores.
  • Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts saying that have information about the virus. For the most up-to-date information about the coronavirus, visit the (External)Centers for Disease Control and Prevention (CDC) and the (External)World Health Organization (WHO).

If you suspect a scam or believe you are the victim of any of the above scams, file a complaint with the (External)Federal Trade Commission.

Beware of Misinformation

You may receive text messages, emails or see social media posts that provide information that is not true related to the coronavirus. This misinformation is intended to incite fear and provoke reactions from the public. To validate coronavirus updates, check the CDC website for the latest news.

FAKE Text Message Scam

What Happened

Due to the diligence of PNC’s Fraud and Cyber Defense team, they were made aware of a scam targeting customers of a number of financial institutions predominately with text messages that appeared to be official bank communications. Some customers shared sensitive personal and financial information as a result.

This is called phishing – the attempt by fraudsters to steal your personal and financial information, sometimes through e-mails, mobile text messages (SMiShing) and phone calls.

We are alerting customers of the warning signs of a phishing scam and steps you can take to help protect your sensitive personal information and accounts.

Warning Signs

Text messages and emails containing certain red flags should alert users to a possible phishing or SMiShing attack, including:

  • Misspellings
  • Grammatical errors
  • Offering fantastic prizes
  • Creating a sense of urgency
  • Requesting personally identifiable information (PII)
  • Requesting User IDs and Passwords
  • Threatening with consequences
  • Making demands

Take Action 

If you receive a suspicious text message, take precautions to avoid a phish:

  • Do not respond to suspicious text messages; first confirm it is from a trusted source.
  • Do not click links in a suspicious phish.
  • Do not respond to a text message requesting personal or financial information like credit card numbers, Social Security numbers or other banking information.
  • Do not call a phone numbers contained in a suspected phish. Go directly to a known source of information for contact information, such as the company’s legitimate website.

Action To Help Protect Accounts

If you suspect that your personal information may have been exposed, take these important steps, then be on high alert for signs of identity theft and phishing.

  1. Review your financial statements and online transaction activity. If you notice unauthorized activity on your account, contact your financial institution immediately.  Most financial institutions will not hold their customers  responsible for verified unauthorized activity that is promptly reported.
  2. Check your credit report. You can request a free copy of your three credit reports at each of the three credit agencies once every 12 months at www.annualcreditreport.com. Consider spreading out your reviews, checking one report every four months. Make sure that all the information on your report is accurate. If there is any suspicious activity, contact the credit reporting agency.
  3. Place a 90-day credit alert on your file. This means the agencies will contact you any time someone attempts to acquire credit in your name. There is no charge, but it must be renewed every 90 days. Contact one of the three credit reporting agencies who will then contact the other two.
  4. Consider a security freeze on your credit to block inquiries. As of September 21, 2018, there is no charge to add a security/credit freeze to your account which restricts access to your credit file. However, that restriction applies to both the fraudsters and to you. So remember, when you do apply for credit, you will need to request the agency to lift the freeze temporarily in order for the creditor to access your credit report.

With higher internet traffic, this is also a key time for organizations to utilize search engine marketing (SEM), Google ads, and mobile in-app advertising technology such as Webtracker which geo-fences homes to enhance brand visibility. Strategizing with a digital marketing company like Higher Images will provide businesses with the tools they need to succeed. For more information visit www.howcanmybusinesssurvivethecoronavirus.com

Details from this article compiled from information provided by PNC Bank. https://www.pncbank.com

 

March 19, 2020
By: Craig Hodgkins CTO
POSTED IN