A worldwide pandemic, mass unemployment and nationwide protests over racial injustice — there are many important issues occupying our collective attention. Sadly, this kind of large-scale distraction is fertile ground for hackers.
“We have the COVID disaster combined with the economic disaster combined with the protests,” said Adam Levin, cyber security expert and founder of CyberScout, to Yahoo Life. ”We are now in the middle of what can be considered a perfect storm for scammers.”
Levin says that the current climate of our nation has set the stage for an online scam trifecta: motive, means, and opportunity.
“The motive for scammers is, for the most part, financial gain,” he continues. “The means is phishing, spear phishing, vishing (phone-based phishing), or smishing (SMS- or text-based phishing),” among other things. And the opportunity? “Anything that in any way touches something impacted by COVID,” he says, from stimulus check messaging to health updates. The ways in which online activism will motivate scammers remains to be seen.
The Federal Trade Commission (FTC) has been urging consumers to beware of online fraud, and they confirm that victims of scams have lost more than $13 million—and counting—since the coronavirus outbreak. “Oftentimes the only reason you haven’t experienced identity theft is simply because they have access to so many people and so much information, they just haven’t gotten around to you yet,” Levin said.
The good news is you are not powerless—far from it. We asked Levin to help us understand some of the biggest scams to look out for at the moment.
1. Stimulus payment scams
An email from a recipient you don’t know encourages you to click on a link—which then grants hackers access to everything from your bank account to your social security number. It’s called phishing, and it’s an old trick that keeps getting reinvented. “Never underestimate the creativity, sophistication, or persistence of hackers,” warns Levin.
One of the newest phishing tactics preys upon people seeking updates on their stimulus checks, according to Levin and the FTC. But the IRS will never contact you by email (nor phone, text, or social media). “Anyone who does is a scammer phishing for your information,” the FTC’s site warns. A phishing email may ask you to confirm personal information or even “inform” you of suspicious activity or log-in attempts using your information on the IRS website. It’s all bogus, says the FTC.
If you do fall prey to a phishing scam, hackers can easily hijack your usernames and passwords. Get yourself a secure password manager like LastPass Premium (affiliated with Yahoo Life’s parent company, Verizon Media), which will not only help you create rock-solid, hacker-proof passwords, but also store them in a virtual “vault” and sync them across your devices. The service was recently touted by Digital Trends in their ranking of the top services for 2020.
2. Fake charity scams
“During this disaster, there are legitimate organizations out there raising money to help victims of COVID and their families,” says Levin. The same can be said of charities collecting funds for civil rights and social justice.
But do your research before you enter your credit card information. “There are scammers out there that come out with fake charitable requests,” says Levin. “The avenues that these can come through are obviously email, and then we have ‘smishing,’ or SMS phishing.”
This means you’ll get a text message from a number claiming to represent a charity and asking you to donate online. The FTC notes that telltale signs of a charity scam include a sense of urgency, vague claims about how your money will be used, or even a message thanking you for a donation you never made. Check all charities against Charity Navigator to make sure they’re legit.
3. Fraudulent sites claiming to sell PPE
4. Income tax identity theft
5. Fake job scams
Read the rest of the story here: