Staying vigilant against coronavirus scams
By Paul Fisher, MD Reliable Networks
With the increased concerns around the world regarding COVID-19, though most people are banding together, there are those out there who are trying to capitalise on people’s fears.
Scammers are calling home phone numbers and sending text messages to mobile phones which are imitating public bodies, such as the Government, HMRC and the NHS. These calls and messages usually contain misinformation or are methods trying to get your personal information and or money.
Scam texts – what to lookout for
Scam texts usually contain links or attachments that are not to be trusted. If you do not recognise the number or were not expecting the text, then do not click on them.
Looking at the below images you can see an example of a real (fig 1) and fake (fig 2) text message.
As you can see the style and content of the messages differ, the link in Fig 2 rings alarm bells just looking at it. The government would never text you to say they are going to give you money. It is best practice to always call up the sender from the official contact details that you already have, to check that it is genuine before clicking on any links.
Always check with the company that their correspondence is real!
In this case for example, when clicked the fake link takes you to a very realistic copy of a government webpage, although there were spelling mistakes which is generally another warning that the site is fake.
The Government website has issued a statement to say that most citizens will receive a text the same as the real text above Fig 1, so if yours look different do not engage with it.
Emails – direct threats to your inbox
A scam was reported by the World Health Organisation (WHO) that criminals were sending fraudulent emails posing as them to try and share clickbait messages that directed to a website selling counterfeit antiviral equipment in the hope of making some money.
The WHO have released a full statement HERE on how to recognise any correspondence that gets sent from them.
Cyber criminals have also impersonated the US Centre for Disease Control (CDC) and carried out the same method as above, impersonating website that is asking for donations to be able to come up with a vaccine. Never send money to anyone who requests it via email or even texts.
A UK specific example is that members of the public have been sent coronavirus themed phishing emails with infected attachments containing incorrect safety measures, these are becoming more targeted to specific sectors so that the rate of success is higher. The idea of this is that the attachment contains some form of malware and can breach the data on your PC/laptop or even mobile device.
Using a virus to send a virus
With the enhanced lockdown rules imposed by the government, most people are now working from home and with companies having to change their entire operations platform to an online and remote model, cyber security is a top priority.
With minute by minute news feeds, millions of posts on social media and also regular updates from the government, it is hard to keep track of information and its accuracy.
Your awareness and understanding are vital to help stop criminals impersonating trusted sources.
A targeted attack against the brand ‘Tupperware’ is currently still ongoing, where hackers have compromised an official site. Malicious coding is buried in image files on the website, that activates a fraudulent payment screen during checkout.
How to avoid any potential issues
With plenty more scams to be reported and investigated please remember to be on the lookout for scams and remain wary of any emails, texts, calls and even people knocking on your door, that you do not recognise or were not expecting.
Never click on strange looking links and attachments that you are unsure about.
Always use a reputable endpoint protection application to provide antivirus and malware protection as a minimum, and where possible use an additional email security solution.
Make sure that devices are set up correctly to update the operating systems on your computers, tablets and phones regularly, as this ensures the latest security patches are installed and protecting your supported devices.
- All of the above scenarios are examples and as there is no definitive answer of what is legitimate and what isn’t please stay vigilant.
If you have had any scam attempts or have been scammed, report it to Action Fraud, the UK’s national centre for reporting fraud and cybercrime.
Remember to stay safe, online and offline!