Avoid scams brought on by COVID-19 with these tips
March 26, 2020
The uncertainties surrounding the coronavirus and the need for social distancing provide a playground for fraudulent telemarketers and internet scammers.
Here are tips from two Virginia Tech experts about how to reduce your risk:
“We are living in a heightened time of cyber risk. Cyber criminals will take advantage of public fear and due diligence health measures to generate coronavirus themed phishing attacks. We should be aware of unsolicited COVID-19 emails with specious links or attachments,” said David Simpson, a professor of practice who is responsible for cybersecurity course and program development in the Master's of Information Technology and the Master's of Business Administration programs in the Pamplin College Business.
In addition to scams that prey on people's fear – the uncertainty and doubt regarding their own health – Simpson explained that the increased utilization of voice, video, and data to replace in-person contact will open new threat vectors.
As many organizations shift to remote work environments, Simpson offers the following tips to avoid online scams:
- Employees working from home for the first time will potentially use desktop computers, laptops, tablets, and smartphones that are not protected to the same level as workplace devices. Consider using additional risk reduction measures like document and file encryption, VPNs, regular scanning and other best practices to lower the potential for business intellectual property or financial theft.
- The use of company credit cards to replace more rigorous financial office processes can expose business accounts. Employers should work with their banks and credit card companies to reduce exposure and limit potential losses should an ad-hoc process compromise account information.
- Time and attendance programs for employees that don’t normally work from home are commonly exploited. Employees want to and think they are doing the right thing to document their time, but they can be directed to a false site and ultimately fooled into sharing credentials that incrementally lead to more sensitive accounts.
- Organizations that were used to getting 'in-person' permission to do something are now implementing new approval processes that could be susceptible to man-in-the-middle attacks. They should be thinking about multi-factor authentication for newly established ad-hoc practices.
For older individuals:
Older individuals are especially vulnerable to financial exploitation at the hands of others, said Karen Roberto, a University Distinguished Professor, director of the Institute for Society, Culture, and Environment, and a Senior Fellow in the Center for Gerontology at Virginia Tech.
“Elder financial abuse costs older Americans more than $3 billion annually, but we know the losses to elderly victims extend far beyond dollars and cents,” Roberto said. “Elder financial abuse and exploitation endangers the health and well-being of older adults and invariably, their quality of life.”
Roberto offered these tips for older adults to protect themselves from becoming a victim, particularly during this global pandemic:
- Stay engaged with others: “Socialize — remotely — with family members and friends. Isolation can lead to loneliness, depression, and make you more vulnerable to financial abuse or exploitation.”
- Beware of telephone solicitations: “Billions of dollars are lost each year because of fraudulent telemarketers. You are not being rude by hanging up when a solicitor calls.” Use caller ID to screen your calls, and if you are not familiar with a number or name, don’t answer and don’t return messages from persons unfamiliar to you. Remember, programs and services like Social Security, Medicare, and local police will not call you asking for personal information.
Just hang up: “If you find yourself on a call with someone you don’t know or who is trying to sell food or paper products to help meet your needs during this pandemic, don’t engage in the conversation. Just hang up.”
Protect your passwords: This includes ATMs and online or telephone transactions with a bank, credit card carrier, or any company with whom you do business.
Do not share personal information: Whether on the internet, a phone call, or in person, never give out personal information such as credit card numbers, bank account numbers, your date of birth, or Social Security and Medicare numbers, to unfamiliar companies or unknown persons.
Tell someone: If you believe you are a victim or near-victim of financial abuse and exploitation, do not be afraid or embarrassed to discuss your concerns with someone you trust, such as another family member, clergyman, or bank manager. “You are not alone. The situation could become worse if you do nothing.”