FBI warns about COVID-19 scams
CINCINNATI (FOX19) - The FBI is now warning against coronavirus-related scams. They say scammers are working to steal your personal information.
FOX19 NOW tech expert, Dave Hatter shares some simple tips to protect yourself.
- Many government agencies including the FDA, FTC, FBI, and the Secret Service have warned about Coronavirus-related scams and Phishing.
- Jan 6th, 2021, the FBI warned about COVID-19 vaccine scams that are trying to steal personal information, conduct identity theft, scam victims, and all with the potential for criminal financial gain.
- For example, the Secret Service wrote “The United States Secret Service is proactively taking steps to alert the public about the types of email scams associated with the Coronavirus.”
- The FTC recently warned about these types of scams on their website: “They’re setting up websites to sell bogus products, and using fake emails, texts, and social media posts as a ruse to take your money and get your personal information.”
- The FBI has warned about various scams including Business Email Compromise schemes related to the COVID-19 Pandemic and spoofed job offers.
- Many Coronavirus-related phishing scams have been launched including one containing malicious links and PDFs that claim to contain information on how to protect yourself. Another claims a friend, family member or college has been exposed and you need to print the attached file and head to a testing center.
- Anti-virus and anti-Phishing software is constantly improving but the bad guys are making massive amounts of money, are very devious, and are always at least one step ahead.
- With stimulus checking going out, expect a wave of phishing scams and spoofed websites focused on those payments
- What you can do:
- Be highly skeptical of ANY email, text, voicemail, or social media post that claims to be related to the stimulus payments.
- Take a Zero Trust stance and don’t click any links or open any attachments from ANY unsolicited email, text, or message.
- Verify all messages out-of-band. Open a new browser window and type in the URL of the site that a message purports to be from. Or call the organization using a phone number you looked up independent of the message you received. These scams are big business and in some cases, criminals have overseas call centers to take calls.
- If you open a file from an attachment that asks to “Enable Macros”, don’t do it UNLESS and UNTIL you verify from the sender that it’s legitimate.
- Be skeptical of any web page that asks for your user credentials unless YOU went directly to that URL by typing it in, and confirm that it’s correct by carefully examining the URL. It’s very easy for criminals to scrape (copy) a legitimate website and created a spoofed website with a very similar domain, for example, https://www.f0x19.com/ vs https://www.fox19.com/ or https://www.kroger.com/ v.s. https://www.krog3r.com/ or https://www.irs.gov/ vs https://www.lrs.gov/.
- Keep your anti-virus/malware software updated.
- Use a strong, unique passphrase for every site/app/platform.
- Use a password management application. At Intrust IT, we recommend LastPass.
- Enable multi-factor authentication (MFA, 2FA) anywhere and everywhere you can.
- Remember that a lock in the URL bar of your browser does not guarantee the legitimacy of a site, bad guys can and do purchase TLS certificates too.
- For information related to the payments, go directly to the IRS web site here: https://www.irs.gov/coronavirus/get-my-payment.
- Rely only on reputable sources for information related to COVID-19 such as:
See a spelling or grammar error in our story? Click here to report it. Please include title of story.
Copyright 2021 WXIX. All rights reserved.