COVID-19 Phishing and Fraud

Like all criminals, cyber-criminals are opportunistic and will adjust their techniques to current events. A favorite technique of cyber-criminals is to use fear or urgency to force unwise behavior (such as clicking a link) so they will readily use crises such as natural disasters or the current COVID-19 outbreak to defraud others.

In the past few months, there has been a significant increase in COVID-19 related scams and phishing emails. These scams are likely to continue in coming weeks and we encourage you to remain vigilant. 

We have received reports of folks receiving unsolicited Zoom invitations which exploit current security risks in the zoom client and make it possible to divulge sensitive data from your system by clicking on links in Zoom chat windows. Zoom is not the only online video conferencing system with occasional security risks, but its rapid growth in popularity is causing attackers to pursue new ways to abuse it's popularity.

While LETU does not use Zoom, your personal contacts, children's school, etc, may. We encourage you to be very cautious when opening invitations not only from Zoom, but to Skype, Slack, GoToMeeting, WebEx, or any other system if you are not expecting the invitation.

Tips

  • Never reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
  • Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the sender directly. If it's an individual, contact them using your personal contacts or published numbers. If a company, contact them using information provided on an account statement, not information provided in an email.
  • Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date on critical updates, and protected with an antivirus application (like Windows 10's built-in Defender) to reduce risk of infection from malware.
  • Report phishing emails if you prefer, then delete them.

How do I stay safe?

  • Read the message carefully, and look for anything that isn’t quite right, such as tracking numbers, names, attachment names, sender, message subject and hyperlinks.
  • If unsure, call the organisation on their official number, as it appears on their website and double-check the details or confirm that the request is legitimate. Do not contact the phone number or email address contained in the message, as this most likely belongs to the scammer.
  • Use sources such as the organization's mobile phone app, web site or social media page to verify the message. Often large organisations will have scam alert pages on their websites, with details of current known scams using their branding, to watch out for.

If you’ve received one of these messages and you’ve clicked on the link, or you’re concerned your personal details have been compromised, contact your financial institution immediately, then contact LETU.

Print Article

Related Articles (1)