Practical Tips to Protect Against Coronavirus Scams
By Mark Skelton, IT Force Chief Technology Officer
Amidst the confusion and fear surrounding the ongoing COVID-19 pandemic, hackers and scammers have come out of their cocoons to take advantage of the vulnerable. Statistics indicate that people have lost more than €1 million from February 2020 to Coronavirus related scams.
A large percentage of these scams are occurring online and are executed in the form of phishing emails, fake online sellers, and malicious social media adverts. You should note that there have also been reports of some in-person COVID-19 scams.
The following is a look at some of the Coronavirus scams that have so far come to light, and tips to use to help you protect your hard-earned money.
Phishing Emails
By now, chances are that you have already received, and continue to receive numerous COVID-19 related emails from well-known companies, businesses, your employer and even your child’s school. The large number of sensitisation emails being sent is what makes it even easier for the phishing emails to easily catch your attention after slipping through the net.
‘Patient Names Revealed’
For this particular phishing attempt, the scammers sending out the emails are posing as CDC (Center for Disease Control) and WHO (World Health Organisation) representatives. They are contacting would-be victims with the promise to send out the names of those who have already contracted the virus in your locality in exchange for a small payment.
In the email, the scammers may ask you to send a payment using Bitcoin or any other renowned cryptocurrency or for you to complete payment by making a bank transfer. Within the email is a link that they will encourage you to access to complete the payment. On clicking the link, the scammers will want your personal information, e.g. date of birth, address and full name.
This will be in addition to requesting for your personal banking information.
‘COVID-19 Safety Measures’
Some scammers are sending out emails where they are offering to provide you with details on recommended safety measures or other medical details that you may deem important. The emails are structured convincingly, with the headline being ‘measures to take to safeguard yourself from COVID-19.’
As is the case with any other phishing email, you will be provided with a link to follow to obtain the information. Some are going as far as providing a PDF document for download purposes, which immediately infects your computer or device with malware.
‘Get Access to All the Latest Statistics’
In this case, those sending the emails are also posing as representatives from the World Health Organisation. However, the difference here is that they are offering to ensure that you have access to the current statistics related to new coronavirus infections and deaths. All you need to do is to click on the link they have provided in the email.
But clicking on that link could cause your device to become infected with viruses and malicious malware that will immediately lock you out of your phone or computer. Alternatively, it could also access your private details including crucial financial and personal information, or even take control of the device completely.
The details obtained from your device are then used to commit identity theft.
‘Tax Refunds from Revenue’
There is another group posing as Revenue and stating that the government is issuing tax refunds as a way of assisting people to cope with income shortages being experienced. Note that this isn’t part of the government’s strategy. Additionally, you should know that Revenue will never contact you via a phone call, text, or email to provide you with a tax refund.
Those sending out these emails are doing so in a bid to steal bank details and vital personal information.
‘Make a Donation to the Cause’
You have probably already seen some of these pages popping up online. It’s a scam where a scammer or group of scammers set up fake donation pages. Email recipients are then requested to click on a given link that will redirect you to a webpage where you are supposedly required to donate.
Most of the emails being sent out are claiming that the money will be used to try and find a cure for the virus. But the reality is that the purpose of setting up the website is to capture your banking details and steal your money and your personal information. The only website that should be trusted to raise funds to assist in finding a cure is the one set up by WHO.
If interested, you can donate to this particular cause by visiting the official World Health Organisation website. The organisation doesn’t send out emails soliciting donations.
How to Protect Yourself from Coronavirus Phishing Scams
To start with, you should note that the World Health Organisation has indicated on its website that it will never send you an email requesting your password or other personal details. Additionally, WHO won’t send you an attachment to your email that you haven’t explicitly asked for. Thirdly, the organisation will not ask you to visit any other website that is outside its official portal—http://www.who.int. If you are suspicious of any email purporting to be from WHO, you can use the contact button on its website to communicate with them directly.
Other measures to protect yourself will include verifying the email sender by checking the email address used. For scammers claiming to be from WHO, and whose email addresses don’t end with ‘@who.int’, note that those are scammers. Don’t click on any links that they could have included in the email.
It’s also important that you don’t divulge your details to people you don’t know, or people you have communicated with before, or who you haven’t asked to send you an email. You have to learn to apply common sense and to make a decision on whether this person has a good reason for asking you to send them your banking details.
As a content consumer, you shouldn’t have to make any payments for you to access information that is readily available in the public domain. In case you see a scam email, report it, as this will help to ensure that others won’t get scammed.