As the coronavirus continues to wreak havoc on the world, cybercriminals are taking the opportunity to exploit individuals and businesses for personal profit. IBM E-Force reported a 6,000% increase in COVID-19 related spam, and lawmakers and the FBI are taking steps to address it. Unfortunately, many of these scams are succeeding: This month, the FTC reported that Americans reported more than $12 million in losses due to coronavirus-related fraud.
Here are four key reasons why these scams are proliferating, and why so many people are susceptible to them.
It’s understandable that a world pandemic that kills thousands, baffles doctors and brings the world economy to its knees makes people feel vulnerable. The world as we know it has changed, and people are trying to make sense of these turbulent times by searching for answers.
While this desire for knowledge is a laudable response to fear, cybercriminals are taking full advantage by creating malicious COVID-19 websites and phishing emails. They include websites with coronavirus statistics, emails claiming to sell discounted masks and medical supplies, testing kits, cures and safety measures from fake health organizations, and even apps claiming to detect infected people in your area.
2. The Economy
Because of COVID-19, businesses have been shuttered, millions are jobless, and as a result, a sizable part of the world is in financial trouble. It’s not surprising, therefore, that so many are falling prey to emails that claim to direct them to information about stimulus payments, work from home opportunities, student repayment plans and debt consolidation. Yet in effect, those who are searching for financial relief are adding to their woes by clicking on malicious links and downloading infected files.
3. Remote Working
With so many businesses and their third parties implementing WFH policies, employees are much more vulnerable to cyber scams. Part of the reason for this is because employees may use their own devices for work, which can introduce new platforms and operating systems that require their own dedicated support and security. In addition, a lack of face-to-face interaction means that employees are much more likely to receive an increased number of emails and online requests.
This is why we are seeing so many cases of employees who click on, for example, malicious emails claiming to be from an HR team regarding new vacation and health policies. In addition, because more people are using their smartphones, they are more likely to click on suspicious emails: This is because with a phone, it takes more steps to view email address details.
Subscribe to Our Blog
It’s been said that the worst of times brings out the best in people. So it’s no wonder that many people are responding admirably to coronavirus by donating to worthy causes that claim to help those who have been hit the hardest.
Unfortunately, when it comes to cybercrime, the worst of times can also bring out the worst in people. As wretched as it may sound, cybercriminals have been found to take advantage of every possible opportunity to steal from others, even if that means preying on the most charitable. This is why we have seen a significant uptick in fake websites and robocalls that claim to offer aid to those affected by coronavirus and instead steal people’s personal and payment information.
What You Can Do
There are many steps that can be taken to make sure you are not a victim of COVID-19 scams. Here are just a few:
- Don’t open links or attachments from unknown individuals, even if it seems to be from a reputable source. Instead, go directly to the website of the sender. Tip: The IRS never requests personal or financial information through email, text messages or social media.
- Spelling counts. Read your emails carefully. Suspicious email will often have spelling errors and/or poor writing structure.
- Perform regular patching and updates to your software and systems to ensure maximum security.
- Use multi-factor authentication for any website with remote access, such as banks, to prevent criminals from performing transactions without your approval.