Phishing scams were up as much as 667% by the end of March, with most scams targeting personal email accounts. By April 22, Google reported having detected 18 million COVID-19 malware and phishing Gmail messages per day.
Scammers are taking full advantage of fear, distraction, and disorientation right now.
Fraudsters know you’re at home using your electronic devices, which improves their odds of success. It also helps that your inbox is flooded with legitimate coronavirus emails so their fake ones blend in.
What do the scammers want? To steal your personal information and login credentials, download malware (including ransomware), trick you into sending them money, and otherwise separate you from your valuables. It’s what scammers do for a living.
What to look for — the current top scams
Be suspicious of ANY email related to coronavirus or COVID-19. In particular, be on the lookout for emails that:
- Appear to be from the Centers for Disease Control and Prevention (CDC) or the World Health Organization (WHO)
- Offer coronavirus cures, treatments, vaccines, or testing kits — scammers are using names of trusted brands to trick people
- Sell protective gear, including masks, gloves, gowns, and face shields, or products, including hand sanitizer and disinfectants
- Notify you about a delayed shipment
- Offer access to the latest COVID-19 updates, including the location of infected patients in your area
- Claim that you need to sign up for government relief payments (you don’t) or offer ways to expedite the payment (you can’t)
- Play on your sympathy, such as one that uses the subject line, “Please help us with Fighting corona-virus”
- Appear to be from someone in your HR department asking for quick action or personal information
- Appear to be from someone in a leadership position at your company asking for information or to transfer funds
Scammers target senior citizens disproportionately and now, with older people using technology more than they usually do, older people are even more likely to become victims.
What to do (and not do)
- Slow down — look at emails carefully and, better yet, if you don’t know the sender, don’t look at them at all
- Don’t click on links or open attachments on your computer, phone, or tablet
- Keep your personal information personal — never provide usernames, passwords, date of birth, social security number, credit card numbers, or financial information by email (or web pages linked to emails) even if the sender says it’s urgent
- Inform your IT department if it’s a work-related scam or you received the email at your work email address
- Navigate directly to the CDC, WHO, and other trusted websites for virus updates and information
- Donate to organizations by navigating directly to their websites
- Install highly rated antivirus apps on all your devices and keep them updated in case you mistakenly click or download
Report scams to the FTC and file a complaint with the FBI to help stop fraudsters so they don’t fool others