The COVID-19 pandemic has provided cybercriminals a new way to scam people. Phishing e-mails that target those fearful of the coronavirus are appearing in consumer in-boxes worldwide, as are appeals from phony charities preying on people’s good intentions. Here’s what you need to know about coronavirus cyber scams.
Types of coronavirus cyber scams
Scammers send e-mails designed to win your trust so you will open them and then click on links or fill out forms with private information they can use to exploit you. These e-mails may tout a supposed COVID-19 vaccine, cure or some other bogus type of protection. Or they may purport to be from your employer, your children’s school district or another trusted source promising important material and requesting your log-in information. Providing it gives the crooks access to your company’s or your school’s database. Other coronavirus cyber scam e-mails provide a link that, if clicked, will download malware onto your computer that will secretly monitor and capture your online activity.
In another type of coronavirus cyber scam, crooks will use a decoy website to advertise products that seem to come from online retailers you trust. But the credit card information you provide in response isn’t buying you anything: It’s allowing a cybercriminal to go on a shopping spree. Apps that supposedly provide updated COVID-19 statistics and tips may also be coronavirus cyber scams. Some have locked devices up with ransomware, or downloaded keylogger malware that steals log-in credentials from your computer.
Finally, some coronavirus cyber scams are promoting phony charities that claim to be soliciting donations to help those in need.
You should always be suspicious of any unsolicited e-mail with attachments or links. These could unleash a virus onto your computer. It’s a good idea at any time, not just during the COVID-19 epidemic, to install strong antivirus software on your computer and keep it updated.
When an e-mail that appears to have come from the Centers for Disease Control (CDC) or World Health Organization (WHO) appears in your inbox, you may be tempted to click on it immediately. Slow down! You can avoid most coronavirus cyber scams. Think before you click. How would the CDC or WHO have your e-mail address? If the e-mail promises a vaccine or a cure, remember that official reports say that such measures are months or years away. If you happen to open such an e-mail, do not click any offered links nor complete any attached forms.
Take similar precautions if you receive e-mail that claims to have come from your employer or school. Contact that source through an e-mail you write or by phone to make sure the e-mail you received is legitimate before you click on any links in it or provide any information. If an e-mail seems to have come from a trusted online retailer, don’t click on any links within it. Instead, go to Google and find the actual website for that retailer. Type that address into your browser, and look for the same offer on the retailer’s website to see if it is legit. Order only from the official site, not through the e-mail.
Remember that government agency websites all end with “.gov” and educational institutions’ web addresses end with “.edu.” Ignore solicitations from websites with a different ending.
Do not give out bank, credit card or other sensitive information in response to unsolicited e-mails.
Before clicking on a link in an e-mail, hover your mouse pointer over it. This will reveal the full address. If the address suffix ends in “RU,” it means the solicitation is from Russia, where many such scams operate. You can also open another browser window and search on your own for the organization’s website so you can compare the two addresses.
Because many coronavirus cyber scams originate in foreign countries, watch for misspellings like “corronavirrus” as well as awkward grammar and other clues that someone outside the U.S. composed the solicitation.
Before responding to a request for a charitable donation, check out the charity on Charity Navigator or on Guidestar.org. To be extra safe, stick with charities you already know and contact their websites yourself to make a donation.
Related – Creating Strong Online Passwords