Coronavirus Scams

Coronavirus Scams - Please Stay Safe and Aware (from the FTC and The KnowBe4 Security Team)

 
Other ongoing scams unrelated to Coronavirus

Relief Scam

A new phishing email—seemingly sent from your local government funding agency—is offering phony relief grants to those in need. What makes this scam especially sneaky is that the bad guys use a Dropbox link to disguise their malicious attachment. Dropbox is a legitimate and commonly used file sharing service. Therefore, the email security filters that your organization has in place may not consider the link a red flag, increasing the chances of this email landing in your inbox.

The phishing email urges you to click a Dropbox link so you can download a file that supposedly contains information about your relief grant payment. The link even includes an expiration date for an added sense of urgency. If you click the link, then download and open the phony file, you’re taken to a look-alike Microsoft 365 login page. If you enter any information on this page, it will be sent directly to the scammers.


"Don't Have to Wear a Mask; Disability Card"   Scam

To help limit the spread of the Coronavirus, many states are requiring people to wear face coverings in places open to the public. But there are cards circulating online and on social media that say the holder has a disability that prevents them from wearing a mask, and that it’s illegal for any business to ask them to disclose their condition. Variations of the card include the seal of the U.S. Department of Justice (DOJ), one of the federal agencies responsible for enforcing the Americans with Disabilities Act (ADA).

The fact is, these cards aren’t issued or endorsed by DOJ, or any other federal agency. DOJ urges the public not to rely on the information contained in these postings, and to visit ADA.gov for ADA information issued by the agency. For information about your rights under the ADA, visit ADA.gov, or call 800-514-0301 or 800-514-0383 (TTY).


Contact Tracing Scams

Legitimate contact tracers may call, email, text, or visit your home to collect information. They may ask you for:
  • Your name and address
  • Health information
  • The names of places and people you have visited

Scammers will ask you to do more. Here are some things to do to protect yourself from fake contact tracers.
  • Don’t pay a contact tracer. Anyone who says you need to pay is a scammer, plain and simple.
  • Don’t give your Social Security number or financial information. There’s no reason for a legit contact tracer to need your Social Security number, bank account, or credit card number.
  • Don’t share your immigration status. Legit contact tracers don’t need — and won’t ask for — this information.
  • Don’t click on links or download anything sent from a contact tracer. Real tracers will only send you texts or emails that say they’ll be calling you — not ask you to click or download anything.

What should you do if you think you’re dealing with a fake contact tracer? Check with your state health department to see if they have a way to make sure the person contacting you is a real contact tracer. Otherwise, hang up, close the door, or don’t respond to, click on, or download anything that may be in an email or text. Then, report it to your state and tell the FTC about it at FTC.gov/complaint.


Supermarket Spoofs

Grocery delivery services have been quite popular during the COVID-19 pandemic. These services help support social distancing, reduce the number of shoppers in each store, and allow at-risk patrons to safely buy essential items. Unfortunately, the popularity of these delivery services has caught the attention of cybercriminals. The bad guys are now spoofing supermarkets that offer delivery services in hopes of stealing your personal information.

It starts with a phishing email that urges you to log in to your supermarket’s website using the link provided. Clicking the link takes you to a fake login page for your local supermarket. The page asks you to select your email provider (Gmail, Apple, and so on) and then log in to connect your account. Don’t be fooled! Connecting your account actually delivers your email credentials to the bad guys.


Excel Phishing Scam

Microsoft has reported a massive phishing campaign that uses an Excel attachment as bait. The phishing email looks like it is from the Coronavirus Research Center of Johns Hopkins University–a well-known medical organization in the US. The email includes an Excel attachment that is disguised as an updated list of Coronavirus-related deaths, but the file actually contains a hidden piece of malware.

If you open the infected Excel file and click “Enable Content” when prompted, a program called NetSupport Manager will be automatically installed onto your computer. This program is a tool that allows someone to access your computer remotely. Cybercriminals are using NetSupport Manager to gain complete control over a victim’s system, allowing them to steal sensitive data, install more malicious software, and even use the machine for criminal activities. Don’t be a victim!


Zoom Meetings

Whether you’re working from home or trying to stay in touch with loved ones, video conferencing apps like Zoom are becoming the new normal. Cybercriminals have exploited this type of application before, but their latest scam may be the trickiest yet.

Scammers are sending out phishing emails with links to download the latest version of Zoom. When clicked, the link takes you to a third-party website–not the official Zoom site–to download an installer. If you download and run the file, the program truly does install Zoom. The trick is, the installer also places a remote access trojan (RAT) onto your computer. This RAT gives cybercriminals the ability to observe everything you do on your machine. This includes keylogging (saving what you type), recording video calls, and taking screenshots–all of which can be used to steal your sensitive information.


College Students

Hey college students: even though you’re likely far from campus, scammers are still trying to find you.

Maybe you or your friends have gotten an email claiming to be from the “Financial Department” of your university. The email tells you to click on a link to get a message about your COVID-19 economic stimulus check — and it needs to be opened through a portal link requiring your university login. Don’t do it. It’s a phishing scam. If you click to “log in,” you could be giving your user name, password, or other personal information to scammers, while possibly downloading malware onto your device.


Unemployment - Phony Work at Home Opportunities

Due to the Coronavirus crisis, unemployment numbers have skyrocketed. As usual, the bad guys are quick to take advantage of these hard times and are sending out phony work-from-home opportunities. Typically, these phishing emails contain grammar mistakes and offer minimal details about the hiring company and the job requirements. But the scammers still manage to grab your attention because the job opportunity includes a great paycheck.

Once the offer is accepted, these scammers ease the victim into their new "job" by asking them to complete basic errands, but eventually the victim is given the task of transferring funds from one account to another. Typically, these are stolen funds and the unsuspecting "employee" is being used as a money mule. Even though these victims are unaware of the crime they are committing, they can still face hefty fines and prison time.


Government Emails and Texts - You are being Fined

Governments across the globe have created restrictions to help reduce the spread of Coronavirus. These regulations change often and vary by country, region, and city. So knowing exactly what is expected of you can be a challenge. It’s no surprise that the bad guys are taking advantage of this confusion!

Cybercriminals are using text messaging, or short message service (SMS), to pose as a government agency. The message says you have been seen leaving your home multiple times and as a result you are being fined. They urge you to click on their official-looking link to pay this "fine" online. If you click the link, you’ll be taken to a payment page where you can give your credit card details directly to the bad guys!

This tactic is known as “Smishing” (SMS Phishing). Smishing can be even more convincing than email phishing because criminals know how to spoof their phone number to appear as though they're calling from an official source. Be careful!
 
 
Relief Checks
You’ve probably heard the news by now – the government is sending out relief checks as part of the federal response to the Coronavirus. Scammers heard the same thing, and they’re hoping to cash in on yours.

The details of how this will all work are still coming together, but we do know a few things about how this will – and will not – work. For now, here are some things to know. 
  • You don’t need to do anything. As long as you filed taxes for 2018 and/or 2019, the federal government likely has the information it needs to send you your money. If you haven’t filed taxes recently, you’ll need to submit a simple tax return to get your check. (More on who’s eligible here.)


  • Do not give anyone your personal information to “sign-up” for your relief check. There is nothing to sign up for. Anyone calling to ask for your personal information, like your Social Security number, PayPal account, or bank information is a scammer, plain and simple. Also be on the lookout for email phishing scams, where scammers pretend to be from the government and ask for your information as part of the “sign-up” process for the checks.
 
  • To set up direct deposit of your check, communicate only with the IRS at irs.gov/coronavirus. And you only need to do this if you didn’t give the IRS your bank information on your 2018 or 2019 return. In the coming weeks, the IRS will be setting up an online form available through irs.gov/coronavirus. But nowhere else, and never in response to an email, text, or call.
 
  • No one has early access to this money. Anyone that claims to is a scammer. The timeline for this process is not exact, but it looks like funds will start going out in the next few weeks. Scammers are using the lack of detail to try to trick people into giving their personal information and money.
 To get official updates and more information, visit the IRS’s page on economic impact payments. And if you come across a scammer trying to take your check, we want to hear about it. Report it at ftc.gov/complaint.


For those who are eligible for stimulus checks but did not file taxes, the IRS has created a page on its website with information. Please make sure you only provide this information through the IRS.gov website.


Coronavirus Treatments 

The Federal Trade Commission continues to send warning letters to companies attempting to sell unapproved and misbranded products claiming to be treatments or preventatives for the virus. You can read more, including a list of these companies, on the FTC website.
 

Medicare scams

Scammers might call to offer things like a “COVID-19 kit,” “Coronavirus package,” or Medicare benefits related to the virus. But they’ll ask you to verify personal information like your bank account, Social Security, or Medicare numbers. If you get a call from someone who says they’re a Medicare representative and they ask for this information, hang up. It’s a scam, not Medicare calling. Report it to the FTC at ftc.gov/complaint. 

 
CDC Closing Your Facility
As the COVID-19 pandemic rages on, the bad guys find increasingly creative ways to weaken your defenses. The newest phishing trend is an email that appears to be from the CDC (Centers for Disease Control and Prevention). The email has an intense subject line: “NOTICE OF CLOSING YOUR FACILITY AND DISINFECTING THE AREA - BY NCDC WH 20982 COV-19 Due To Recent Corona Virus COVID-19 Pandemic.”

You’re instructed to download an attachment which is supposedly a letter from the CDC claiming that they will close your facility. If you download the file, you’d find that it is actually a malicious program designed to gain access to your company’s sensitive information. Don’t be tricked!
 

Help with Errands

If you’re an older adult or a caregiver for one, you may need help picking up groceries, prescriptions, and other necessary supplies. If someone you don’t know offers to help, be wary. Some scammers offer to buy supplies but never come back with the goods or your money. It’s usually safer to find a trusted friend or neighbor or arrange a delivery with a well-known company.

If you’re ordering supplies online, know who you’re buying from. Online sellers may claim to have in-demand products, like cleaning, household, and medical supplies when, in fact, they don’t. Use an established delivery service, or order directly from the store. Many grocery stores and pharmacies are offering contactless delivery. If you need additional help for yourself or a loved one, the Eldercare Locator, a public service of the U.S. Administration on Aging, can connect you to services for older adults and their families. You can also call 1-800-677-1116.
 
 

Grandparent's Scam

“Grandma: I’m in the hospital, sick, please wire money right away.” “Grandpa: I’m stuck overseas, please send money.” Grandparent scams can take a new twist – and a new sense of urgency – in these days of Coronavirus. Here’s what to keep in mind.
In grandparent scams, scammers pose as panicked grandchildren in trouble, calling or sending messages urging you to wire money immediately. They’ll say they need cash to help with an emergency – like paying a hospital bill or needing to leave a foreign country. They pull at your heartstrings so they can trick you into sending money before you realize it’s a scam. In these days of Coronavirus concerns, their lies can be particularly compelling. But we all need to save our money for the real family emergencies.
So, how can we avoid grandparent scams or family emergency scams? If someone calls or sends a message claiming to be a grandchild, other family member or friend desperate for money:
  • Resist the urge to act immediately – no matter how dramatic the story is.

  • Verify the caller’s identity. Ask questions that a stranger couldn’t possibly answer. Call a phone number for your family member or friend that you know to be genuine. Check the story out with someone else in your family or circle of friends, even if you’ve been told to keep it a secret.

  • Don’t send cash, gift cards, or money transfers – once the scammer gets the money, it’s gone!


Emails from Hospitals

The newest Coronavirus-themed phishing attack may be the most ruthless yet. The cybercriminals are sending emails that appear to be from a hospital and warn that you have been exposed to the virus through contact with a colleague, friend, or family member. Attached to the email is a “pre-filled” form to download and take with you to the hospital. Don’t be fooled. The attachment is actually a sophisticated piece of malware. This threat relies on panic and fear to bypass rational thinking. Don’t give in!
 

Home Test Kits

Right now, scammers are scuttling out of their dark corners to offer false hope (Home test kits! A cure!) and use fear (Your Social Security number is about to be revoked! Your loved one is in trouble!) – all to get your money or information. (None of those things are real, by the way.) They’re asking for your bank routing number to “help” you get your relief money – which is not how you’ll get it, by the way. They’re sending fake emails that look real, but those fake CDC or World Health Organization emails are trying to steal your personal information – or, if you click a link, put malware on your computer, tablet, or phone. Scammers are calling (and calling…and calling…), using illegal robocalls to pitch you the latest scammy thing. They’re texting, and they’re all over social media.

So, while you’re washing your hands and working to stay safe, here are a few ways you can help protect yourself – and those you love – from scammers.
  1. Don’t be rushed. Whatever the call, email, text, or social media post is about, remember that scammers try to rush you. Legit people don’t.
  2. Check it out. Before you act on something or share it – stop. Do some research. Do the facts back up the story?
  3. Pass it on. If you get offered something great, or you’re worried about something alarming: talk to someone you trust before you act. What do they think?
  4. Keep in touch with the FTC. Sign up for Consumer Alerts to help spot scams: ftc.gov/subscribe. And watch for the latest at ftc.gov/coronavirus.

Report scams to the FTC. Go to ftc.gov/complaint. Your report can help us shut the scammers down.

 

Working from Home

Don’t Fall for This “Phony” Call

The Coronavirus Disease (COVID-19) pandemic has caused a massive shift in the number of employees who are working remotely. From a cybercriminal’s perspective, this is a perfect opportunity for their social engineering scams.

One scam involves cybercriminals calling you and posing as support personnel from the companies or services that your organization may be using to allow you to work remotely. Typically, the caller will try to gain your trust by stating your job title, email address, and any other information that they may have found online (or on your LinkedIn profile). Then, the caller claims that they will send you an email that includes a link that you need to click for important information. Don’t fall for this scam!


 

Direct Deposits

 
As the Coronavirus takes a growing toll on people’s pocketbooks, there are reports that the government will soon be sending money by check or direct deposit to each of us. The details are still being worked out, but there are a few really important things to know, no matter what this looks like.

  • The government will not ask you to pay anything up front to get this money. No fees. No charges. No nothing.
  • The government will not call to ask for your Social Security number, bank account, or credit card number. Anyone who does is a scammer.
  • These reports of checks aren’t yet a reality. Anyone who tells you they can get you the money now is a scammer.

Look, normally we’d wait to know what the payment plan looks like before we put out a message like this. But these aren’t normal times. And we predict that the scammers are gearing up to take advantage of this.

So, remember: no matter what this payment winds up being, only scammers will ask you to pay to get it.


Emails from Charities and Government Agencies


  • Emails that appear to be from organizations such as the CDC (Centers for Disease Control), or the WHO (World Health Organization). The scammers have crafted emails that appear to come from these sources, but they actually contain malicious phishing links or dangerous attachments.
  • Emails that ask for charity donations for studies, doctors, or victims that have been affected by the COVID-19 Coronavirus. Scammers often create fake charity emails after global phenomena occur, like natural disasters, or health scares like COVID-19.
  • Emails that claim to have a “new” or “updated” list of cases of Coronavirus in your area. These emails could contain dangerous links and information designed to scare you into clicking on the link.

    Remain cautious! And always remember the following to protect yourself from scams like this:

  1. Never click on links or download attachments from an email that you weren’t expecting.
  2. If you receive a suspicious email that appears to come from an official organization such as the WHO or CDC, report the email to the official organization through their website.
  3. If you want to make a charity donation, go to the charity website of your choice to submit your payment. Type the charity’s web address in your browser instead of clicking on any links in emails, or other messages.
 