New scam stokes fear amid coronavirus outbreak.
Fear is a powerful motivator. Worse, being afraid can lead to hasty decisions of the unfortunate variety. Despite that warning being seared into our memory, people still make questionable choices in the heat of the moment. That’s why phishing scams tend to leverage fear: It works.
Just as criminals have used fear of the IRS (generally the audit) to trick taxpayers into handing over personally identifiable information (PII) or money, these bloodsuckers have seized upon concerns about the coronavirus.
According to the FTC blog, scammers have developed a multipronged, interconnected campaign. “They’re setting up websites to sell bogus products, and using fake emails, texts, and social media posts as a ruse to take your money and get your personal information,” FTC Consumer Education Specialist Colleen Tressler writes.
The scammers present themselves as a legitimate resource, offering information about possible outbreaks in your area and potential remedies should you be infected. As with other phishing scams, they may ask for your information or include attachments and embedded links.
What makes the coronavirus scam even more sinister is the result of a recent study on American news consumption. According to the Pew Research Center, 42 percent of Americans use social media as a news source. While 57 percent are skeptical of news they read social media, it only takes a few clicks to become a victim.
As more people get their information online, it’s imperative that everyone learns to avoid phishing scams and deal with the fallout if you’re tricked.
What should I do to avoid the coronavirus scam?
The best way to avoid any phishing scam is to educate yourself and develop good data security habits. That means focusing on the fundamentals:
While we’re not going to drill down on the Sunday buffet of data-security tips revolving around passwords and security software, the last two points in that bulleted list are extremely relevant to phishing scams.
Check links before you click!
Before you click any link, hover the cursor over it to display the web address. If that address is different from what is displayed or you expect, don’t click it. It’s extremely easy to make on-screen text a hyperlink.
For example, it may look like the embedded link goes to SuperTaxSoftware.com, but when you hover over the link, it displays SuperTaxSof1war3.com. The real link destination is usually a site designed to look legitimate—only they store any data you enter and steal submitting credit card information.
Another option available to scammers are scripts that automatically install malware. The point being, know the websites you’re visiting.
Don’t click links or download attachments from people you don’t know!
If an unfamiliar sender drops a message in your inbox (or DMs, text messages, or Facebook Messenger conversations), it behooves you to avoid the urge to click on any attachments or embedded links.
We’ve covered the risks posed by unverified and unfamiliar hyperlinks, but attachments are a favorite of identity thieves around the world. Here’s the gist: They stuff malware (usually a keylogger program that tracks what you type) into attachments that installs when you download the file.
Now, it’s easy to say, “Avoid clicking on email attachments and links from unknown senders.” Things get a little trickier when you receive an email from what appears to be a friend, major retailer, or government agency—all people and organizations you trust at a glance.
Bookmark legitimate websites for information on the coronavirus!
The FTC recommends bookmarking and regularly visiting the CDC and WHO (World Health Organization) websites for real coronavirus updates. As for general consumer updates and tax-related information, you can’t go wrong with the FTC and IRS sites, respectively.