As the new normal of working remotely, home schooling, and social distancing takes hold of our communities amid the coronavirus pandemic, hackers and scammers are continuing to take advantage of our heightened sense of urgency and need for information. What can you do about it? Don’t let your guard down. Arm yourself with knowledge. Here are some tips and advice to help keep you safe from ID theft and fraud.
Phishing Scams
Phishing is when a hacker tries to get you to reveal personal information via email or text, such as a password, account number, or social security number, by disguising themselves as a trusted source. Be on the lookout as you try to sift through the multitude of communications and news about COVID-19.
- CDC or WHO Alerts
This type of email may masquerade as an official alert containing important time-sensitive information from the Centers for Disease Control or the World Health Organization, such as the number of cases in your area, tips for you to stay safe, upcoming testing procedures, etc. Take caution to not reply or open any attachments if you’re skeptical of its origin. - Medical or Health Related Communications
These emails may pretend to offer health advice to help protect you and your family or pose as a trusted person or medical entity such as your doctor or local hospital, requesting you to reply with personal information. They may also offer vaccinations or home test kits if you contact them. Don’t reply. Call your doctor or hospital instead if you think it might be legitimate.
If you’re like everyone else, you’re probably getting more telemarketing and robocalls than you’ve ever had before. Scammers have been using the current environment to try to push fake products such as vaccines, low-cost health insurance, or work-from-home schemes to those who may be recently unemployed.
As a reminder, Atlantic Union Bank will never call asking for personal information such as your PIN. And even if a phone or text display says “Atlantic Union Bank”, it may not actually be us calling. If you have any concern at all about your account, call us.
Paycheck Scams
Payroll Redirection is when your payroll administrator thinks they are receiving a request from an employee, via email, to change his/her direct deposit bank account. The email address appears to be valid, so your payroll person makes the change. Your next check is then direct deposited into the fraudster’s account. You should always check your account if you’re expecting a direct deposit from your employer. Give them a call if you don’t see funds in your account when you usually do.
Donations
During times of crisis, charities and non-profit groups are working hard to provide aid to those in our communities in need. Unfortunately, the scammer is working hard also to seize on this opportunity for personal gain. Beware of fake charities, as well as bogus websites that look like a charitable organization you may be familiar with. Typosquatting (or URL Hijacking) is when a hacker creates a fake website that is so similar to the intended destination that you don’t notice. Pay close attention to the URL in your browser and make sure it’s spelled correctly.
If you are considering giving to a charity you may not be familiar with, do your research on the organization first. You may be able to verify their legitimacy on sites like Charity Navigator or the Better Business Bureau's Wise Giving Alliance. Also, be aware that a legitimate charity would probably not be pushy in a request for help or ask you to donate via wire transfer. Communications with terms such as “immediate need” or “send money now” are red flags.
Fake Ads
If you see an online ad selling any high demand item that you can’t find in stock anywhere else (surgical masks, toilet paper, hand sanitizer) be aware before you click. It might be an attempt to gather personal information when you go to make that purchase from a fake website that looks legitimate. (See Typosquatting above) You might also be driven to the site of a vendor you’ve never heard of before. It’s probably a better idea to avoid opportunistic vendor sites with no reputation or no actual product to offer. If you still want to make the purchase, do some research on the vendor first (check user reviews, for example).
A click on a fake ad might also be an invitation to download malicious software. Be extra careful if you click on anything. If you see a download begin on your computer or mobile device, close the browser window.
Working from Home Safety
With much of the workforce working remotely, hackers and scammers may try to infiltrate your work email account with company updates on the virus and entice you to click on an attachment that may be malicious. If you are using a company-issued laptop, don’t be careless. If you aren’t sure about the legitimacy of the communication, call the person in your company who sent it directly.
Here are some other tips.
- Change Your Router Password: If you’re still using the manufacturer’s default password, now is the time to change it. Make sure to include letters, numbers and special characters and differ the password from others you use.
- Webcam Safety: If you’re using an external webcam for video conferencing, disconnect it when you’re not using it. If you have a company issued laptop, cover the camera when not in use.
- Children and Your Laptop: Don’t allow your kids to use your work issued computer. Keep it locked away, out of reach, or hidden so they can’t access it. Even if you have it password protected, it’s a good idea to not let them near it so they are less tempted to click around or download something malicious.
Stimulus Check Scams
The IRS is not contacting you about your Economic Impact Payment. Any communication you get via email, text, or robocall about your expected payment or payment you just received, is probably a scam.
From the IRS site: “The IRS will not call, email, or text you about your Payment. The IRS will not contact you to request personal or bank account information. Watch out for websites and social media attempts that request money or personal information and for schemes tied to Economic Impact Payments.”
We want you to be safe, so take caution against scammers trying to get you to sign over your check to them or “verify” your filing information in order to steal your money.
It’s unfortunate that scammers are using the pandemic as a backdrop for cybercrimes. Being extra-vigilant in your new normal will go a long way in helping you stay safe.