It’s April Fool’s Day today, and COVID-19 scams exist in large numbers. Cybercriminals are using the public’s secondhand interest against them. There is no doubt that cybercriminals are an agile and resourceful mob as they take advantage of this critical time of the Coronavirus pandemic.
Beware of COVID-19 Scams — Fake emails and more!
In a week or two, they can mobilize at least a dozen cleverly socially engineered scams and hundreds of variants to fool people getting into the bait. Here are some of the COVID-19 scams to watch out for:
Emails asking for your details to get the Government assistance
There might be a tsunami of phishing emails requesting that you login to see if you are eligible. Scammers are asking you that you need to prove who you are by providing name, address, date of birth, bank account details and at least two forms of proof of identity. Some ask you to upload a photo or scan of the front/back of a driver’s license, your passport ID page and even copies of a utility bill.
This is a scam! The Government never asks for this information. The Department of Social Welfare and Development (DSWD) will distribute cards to local government units (LGUs) for COVID-19 cash aid. You don’t have to do anything else to get a benefit but to follow the procedures announced by DSWD.
Forms physically distributed to vulnerable groups and locations
This is a version of the email scam for those who don’t use the internet. Scammers will be distributing official-looking forms door to door informing the resident of the government bonus and requiring the same information as the phishing email. Scammers say you must fill in the form now and take photos of ID (as most don’t have a scanner).
Fraudulent telephone calls telling you that a family member has COVID-19
Criminals call pretending to be a clinic or hospital officials, who claim that a close relative of the victim has fallen sick with the virus and request payments for COVID-19 testing.
If you get a call, check it out directly. And remember, Philhealth will shoulder the costs of COVID-19 testing.
Emails from banks telling you they are closing their branches
You might be receiving an email that directs you to a form or an app to allow temporary local banking/posting asking for all your details. The app can infect your device and steal your details.
The Enhanced Community Quarantine state is upon us. It is difficult for us to attend our finances and go to banks at this time. You need to take note that banks are not shutting down amid the stay-at-home policy implemented by the government.
No bank would ever do this.
COVID-19 Advisory emails asking you to download the latest update
Never click on a link if you don’t know where its actually from. Phishing emails abound with links to either so-called advisory sites or links to download helpful information. The links may be in the form of Word.doc, PHP or EXE files and are poisoned and download malware. They use clickbait headlines like “DOH releases list of names infected by COVID-19” or similar.
Malware in COVIDS-19 Maps and information websites
One email may appear to have the link to the Department of Health (DOH), World Health Organization (WHO) and the ability to access a COVID-19 virus map by location. Those that vicariously want to know infections in their neighborhood are most at risk.
Highly targeted workplace, school, or university
Staff at large companies or students receiving emails telling them to read work-at-home policies or attend online classes. One may click a link to a dummy Company Policy and remote work protocols. A student might click a link to enroll in online classes asking for personal details like name, address, telephone number, and Student number. This has a very high opening and infection rate.
Check with your Human Resource Office and School Administrators first – call them!
Fund COVID-19 Solidarity Response
Fundraising scams abound and get your credit card details. If you want to donate, do it directly with the official websites of the organization you wish to pledge your support.
Social media like Facebook
Scammers have been active in littering social media with photos, stories, offers, and cures, but the result is always the same – click on the link and become infected with MALWARE-19.
Avoid Fakebook entirely.
We are inundated with fake ads for masks, toilet paper, hand sanitizer, medical supplies, cleaning products, air purifiers. The majority want you to buy online, you will never see the goods, and your details are stolen.
Protection Against Scams
It’s smart to go directly to reliable sources for information about the coronavirus. That includes government offices and health care agencies. Here are a few of the best places to find answers to your questions about the coronavirus1.
First, if you have elderly relatives that may not be as savvy with the internet call them and warn them of the risks.
Second, follow these essential advice:
- Never give personal information to anyone, be it via the internet or the front door
- Never click on a link or download a file unless you are sure of its pedigree
- Look for obvious spelling and grammatical mistakes
- Look for generic greetings – Dear fellow resident!
- Delete any malicious emails right away
- Install paid anti-virus/malware with phishing protection
- And if you are remote working use a paid VPN like Private Internet Access or NordVPN.
Legitimate sources of information on COVID-19 updates and resources
Here are some online websites that have a better perspective about the ongoing pandemic:
World Health Organization. WHO provides a range of information, including how to protect yourself, travel advice, and answers to common questions.
The Department of Health. DOH provides updated information and guidance about the coronavirus. It includes information from other government organisations.
Be aware of scams like phishing emails and malicious campaigns taking advantage of the COVID-19 situation to steal money and personal or corporate information, as well as infect computers. Stay alert from getting into scammers’ perspective and always have others give you a second option if the information you received are valid or void.
Norton, a global leader in consumer Cyber Safety, gives detailed examples to help you identify email phishing scams. Click this link to learn more.