The internet is overrun with a host of scams today and with the onset of COVID-19 (Coronavirus), these scammers are out to prey on your curiosity and your fears. You have likely received countless emails about the spread of COVID-19 in the past few weeks from your bank, insurance provider, and favorite restaurants. This consistent stream of emails makes it easier for phishing emails to go unnoticed. These phishing emails look official with real logos from businesses you may already trust.

Email Phishing

A phishing email is a type of social engineering attack to steal your important data or login credentials.  The tricks used by scammers haven’t changed, but they have started to use the Coronavirus to increase your likelihood of clicking on a link. In most cases, the link goes to a FAKE login page for services like Office 365 [Corona Phishing Example], your bank, credit card, and any other valuable information. If you were to provide your credentials, you would be forwarding your username and password to the scammers, who will use it to gain access to your account later and gather your data.

Fraudulent Applications

We all use applications daily on our phones.  Not long ago, hackers released a malicious app for Android which was quickly discovered by domaintools.com [Coronavirus Tracking App]. While users thought they were getting real time data about the spreading of the COVID-19 virus, it was really giving the hackers access to the data on your phone. Once the hackers have accessed your phone, they would encrypt your phone and hold it for ransom with bitcoin. Update: domaintools.com has released the key [Coronavirus Tracking App Update] to decrypt date if you were affected.

Fake Texts

Most of us use our phone to text family and colleagues daily.  You may have already received fake text about COVID-19 texts to your phone. They often contain real facts about Coronavirus to appear authentic. These are fake and are spreading misinformation that may increase or create panic. Text messages are often a trusted medium by users, but you should be cautious of any information you have received from a text. To get credible information you can visit the Center for Disease Control.

How do I keep myself and my family safe?

  1. You will want to keep your account information and your financial information to yourself. Be cautious of any and all emails and texts that you receive.
  2. Make sure you have Two-Factor Authentication (2FA) enabled on all your accounts. There are several free and paid Two-Factor Authentication programs available. Some of the more popular ones are DUO Security, Authy, and Microsoft Authenticator. If you think your email has been compromised, you might read our blog on My email was hacked, now what?
  3. Think before you click a link. Often, hovering over the link will show you the real website URL before you click. Check to see if it’s a different domain or misspelled domain. Ask yourself, does this email make me skeptical? Is it directing me to click a link? Does this email feel too urgent?
  4. If you feel that you’ve received a fake email trying to scam you or your family, you can report it to the FBI’s Internet Crime Complaint Center.