There are many unforeseen changes that the coronavirus pandemic has brought about. Unfortunately, one thing we should have seen coming is the proliferation of online scams. Preying on fear and aided by abundant misinformation, such scams target businesses and individuals alike. What, then, can folks look out for, to avoid being victimized?
Like most cyberscams, the current wave of dirty tricks is initiated by email. Scammers impersonate financial institutions such as banks and insurance companies, or government agencies such as the IRS, Centers for Disease Control and Prevention, or Food and Drug Administration.
The most recent cons reference stimulus-specific issues such as the Economic Injury Disaster Loan program or Paycheck Protection Program loans, extended unemployment or the $1,200 stimulus check for individuals. Typically, this type of scam tries to confuse you with quotes from reputable news outlets, either taken out of context or flat-out phony.
One thing many of the email scams have in common is that they eventually ask you to confirm personal information such as Social Security, Medicare or bank account numbers. Never send this information via email.
Another common trick is to try to get you to send money to the scammers, sometimes discussed as a processing fee, application fee or loan fee. Or, the crooks will send you a real-enough-looking check, say for $3,000, and claim that due to some illogical reason, it’s an overpayment and you simply need to send them the excess, $1,800 in this example. The kicker is that they ask you to send that money by wire transfer, bitcoin or even gift cards. You might laugh, but gift cards are the currency of choice for many scammers due to their untraceability.
Any email asking you to take an action should be immediately suspect. As we have preached here in the past, carefully examine the actual email address of sender, looking beyond the display name. In the past this was difficult to do on smartphones, but for just about all devices, that is no longer the case. Selecting the name of the sender will bring up the actual email address.
Even if the name matches up to the email address, a rash of domains has recently been registered, many of which are being used to perpetuate scams. Basically, any domain that has “corona” or “covid” or similar phrases should be treated with a heavy dose of skepticism.
Last, another piece of advice we’ve doled out in the past: Don’t click on any links in an email unless you are absolutely certain of its authenticity. If a link purports to take you to a bank or insurance company, for example, go straight to that institution’s site and look for the information there.
John Agsalud is an IT expert with more than 25 years of information technology experience. Reach him at firstname.lastname@example.org.