COVID-19 pandemic breeding digital scammers

It will certainly be a difficult road ahead to get through this crisis, but people are doing the best they can to help themselves and help others navigate these uncertain times. 

This being the case, just about the last thing anyone needs right now is to be on the lookout for scammers. But, unfortunately, we need to be. 

The pandemic has given rise to a brazen, shameless breed of scammer (if perchance there weren’t any other type) looking to exploit the public’s fears and anxieties surrounding the coronavirus to line their own pockets. Internet users, in particular, are being targeted as digital scammers are using a variety of approaches that play on the panic as a means to steal their sensitive personal and financial data.

These scams include, but are certainly not limited to, bogus treatments, price gouging, phishing scams, remote work scams, malicious apps, sham donation sites, and phony tax refunds. On top of that, there has been a considerable spike in website domain registrations related to Covid-19, many of which are malicious websites operated by cybercriminals.

Coronavirus scams may indeed vary greatly in their individual approach, but what they all have in common is their basic objective to play on people’s fears as a means to rip them off and/or to trick them into parting with their valuable private data. Much of this stolen personal information then eventually ends up on dark web marketplaces to be bought and sold by networks of expert cybercriminals.

The private data harvested by these digital scammers can include an individual’s full name, family members’ names, email address, home address, telephone number, ID numbers, Social Security number, credit card numbers, bank account information, online browsing history, contact lists, as well as logins and passwords for various online accounts. All of this information is incredibly valuable and can fetch scammers quite a bit of money on the dark web, which is obviously why they are so intent on running their scams, to begin with.

What is even more alarming than scammers buying and selling stolen personal information on the dark web is that many are also selling guides and teaching materials to other would-be scammers to educate others on how to exploit the current crisis for their own personal gain.

So, essentially, while everyday individuals are struggling in many ways to cope with the situation themselves and working hard to help others at the same time, cybercriminals are working hard to help themselves at their innocent victims’ considerable expense. What’s more, they are working hard to help grow the community of digital scammers specifically trained to take advantage of unsuspecting internet users during the Covid-19 crisis.

Coronavirus-related fraud is certainly on the rise, and so much so that United States Attorney General William Barr issued a directive to all US attorneys to prioritize investigations into such schemes and urged the public to report suspected scams related to Covid-19. Barr wrote in his memo to US attorneys that ‘the pandemic is dangerous enough without wrongdoers seeking to profit from public panic and this sort of conduct cannot be tolerated’, and adding that ‘every US Attorney’s office is thus hereby directed to prioritize the detection, investigation, and prosecution of all criminal conduct related to the current pandemic’.

So, while the Department of Justice investigates and works to uncover these scams, is there a way for everyday internet users to protect themselves against these threats and keep the growing network of digital scammers effectively at bay?

Fortunately, the answer to that question is yes. Knowing what to look out for, and knowing what to do (or more importantly, what not to do) when presented with a potential coronavirus-related scam can help individual internet users significantly lower their risk of being taken advantage of by a cybercriminal. 

Perhaps the most prevalent approach that cybercriminals most often turn to is the classic phishing attack. And the current situation is only giving an added prevalence to phishing attacks geared towards public anxieties surrounding the pandemic. Internet users should be aware of the fact that digital scammers are targeting potential victims through their inboxes and sending phishing emails that purport to be coming from the World Health Organization or the Centers for Disease Control and Prevention.

The email may prompt users to click on links or download attachments for up-to-date information on the virus or information on preventative measures the user can take. These types of phishing scams are becoming so prevalent that the WHO issued a warning to the public on its website to be on the lookout for criminals sending emails that appear to be coming from the WHO.

Other phishing emails could prompt users to click on links for information about positive cases of Covid-19 in their areas, to click on a link for exclusive and limited access to a secret cure or vaccine, or to enter their financial details to claim a tax refund to help them through the crisis. These emails may appear on the surface to be coming from legitimate sources, but upon closer inspection will often contain spelling or other grammatical errors that can tip the user off to the presence of a phishing scam.

As a general rule, users should never click on a link or download an attachment contained in any unsolicited email, especially these days in one that claims to offer important information on the virus, promises a cure, or offers financial assistance. The links and attachments contained in phishing emails will only work to take users to malicious websites aimed at harvesting personal data or inject malware directly onto their devices.  

Other coronavirus-related cyber scams making the rounds these days include bogus Covid-19 tracker apps that infect devices with malware, fake donation sites that intercept credit card details and other personal data, and fraudsters posing as remote helpdesk agents to trick newly-remote workers into giving them access to their personal and business systems. 

Internet users need to be aware of the various tactics that fraudsters are using during the pandemic. They also, just as importantly, need to be cognizant of certain tip-offs that can signal the presence of a scam, such as spelling and grammatical errors, offers that seem too good to be true, and other general inconsistencies with an email sender’s email address or website link.      

They say knowledge is power. Pardon the cliche, but in this case, it particularly holds up. The more knowledge internet users have about the various scams making the rounds and what they can personally do to reduce their risks of being taken advantage of, the more power they have against the growing threats posed by digital scammers during this pandemic. That knowledge is ultimately their first and best line of defense.