As everyone continues to work diligently to overcome the challenges presented by COVID-19, it is important to realize that scammers looking to exploit the crisis continue to adapt and increase their efforts. As a result, small businesses of all types need to remain vigilant and consult with an IT Support partner to ensure that their organizations are protected and their staff is trained in proper telephone, internet, and email behavior.
In this article, we’ll take a look at the negative impact scammers have had, discuss the latest COVID-19 scams, and offer recommendations that your organization can use to protect itself against them.
The Toll Of COVID-19 Scams
As of October 1, the Federal Trade Commission (FTC) reported that they had received more than 214,000 complaints related to COVID-19, and the majority of them concerned fraud or identity theft. Victims have reported losses of more than $150 million, however, experts believe that the financial cost is far higher since many of those affected have not reported these incidents.
For small businesses teetering on the brink of solvency, any financial or operational impact is significant. Aside from direct financial theft, organizations are also hurt badly when their operations are disrupted by scammers and they can’t conduct normal business. In addition, if hackers are able to compromise sensitive company or client information, the reputation and revenue of the affected organization will suffer greatly.
Latest COVID-19 Scams
New Phishing Scams
In addition to the large amounts of phishing emails claiming to be from the U.S. Centers for Disease Control (CDC), the World Health Organization (WHO), and other seemingly official sources, new scamming campaigns are focusing on false information about COVID-19 vaccines, testing kits, and promised cures and treatments that are available. In addition, small businesses are being targeted by phishing campaigns that promise help obtaining COVID-19 business relief grants and loans. Scammers will continue to develop new phishing emails that are designed to deceive anyone interested in the latest medical developments concerning the virus.
Contact Tracing
Scammers are also exploiting the fears of people in a particularly distasteful way by pretending to be official contract tracing personnel on telephone calls. These nefarious actors are posing as local health officials and calling people to warn them about potential contact with someone exposed to the virus. These efforts can be effective as they are carefully designed to exploit people’s legitimate health concerns as well as their desire to be responsible members of the community.
Robocalls And Texts
Aside from the dizzying number of scam emails filling up business and personal email accounts, there has also been a marked increase in a variety of sham robocalls and texts targeting individuals and businesses. The cybercriminals pretend to be government organizations, banks, credit card companies, as well as family members in financial distress, and they request money and access to sensitive private information. Some of these calls and texts appear more realistic when they use technology to make the calls appear that they are coming from a local number. As the financial impact of the pandemic gets worse, the frequency of these scam robocalls and texts will increase.
Recommendations To Protect Against Scammers
Train Your Employees
Since employees remain the weakest link in cybersecurity and telework has increased their exposure to scammers, it makes sense to ensure that your employees are well-trained in good cyber hygiene. Your organization should have a strict internet and email user policy that emphasizes that users should never answer or forward emails from unknown sources or click on any outside links. Your company should also train your employees on how to spot phishing attempts and reinforce the policy that any request for funds or sensitive company or client information must be confirmed via a phone call, password, or other secure methods.
Communicate With Your Employees
In addition to comprehensive training, your company should also regularly inform your staff of any ongoing or new COVID-19-related and other scams as well as caution them about phony products and websites. Your firm should also encourage your employees to be vigilant and to promptly share any of their experiences with malware and other cyberattacks with their colleagues and management. Your organization should utilize different communication methods to continuously stress the importance of all employees being even more cautious during this crisis.
Be Aware Of The Latest COVID-19 Scams
Your organization should stay informed about the latest COVID-19 threats. Here are some useful sites that provide valuable information about ongoing and new COVID-19 scams:
- https://www.fcc.gov/covid-scams
- https://cybercrimesupport.org/covid-19-scam-alerts/
- https://www.self.inc/info/coronavirus-scams/
In addition, in order to protect against the growing number of scammers posing as charities looking for COVID-19 donations, your organization can confirm that a charity is legitimate by using the tax exemption organization site on the IRS website at https://apps.irs.gov/app/eos/.
Confirm The Authenticity Of Contact Tracers
Although contact tracing is a vital function during the pandemic, individuals must also take care to confirm that the person contacting them is actually an official contact tracer and not a scammer. There are some questions about sensitive information that a legitimate contact tracer will not ask. If the caller asks for any of the information listed below, you can assume they are a scammer.
- Insurance information
- Bank account information
- Credit card numbers
- Social Security numbers
- Any type of payment
If the contract tracer asks for any of this information, you should immediately hang up the phone. If there is anything about the conversation that makes you uncomfortable, you should ask for an official website and contact information, which you can verify independently. After you receive this information and confirm that they are legitimate, you can then call them back at your convenience.
Get Help From An IT Support Partner
The most important recommendation we can offer is that your company should work with a trusted IT Support Partner, like Network Depot, for the best protection against the latest COVID-19 scams. A reliable IT partner will offer your company useful advice and will implement any necessary solutions to help protect your organization against aggressive cybercriminals.
For example, one simple step your company can take is to work with your IT partner to identify the employees that should have access to sensitive client or company information. With your IT partner’s assistance, you will be able to limit this number to the select few necessary, and you will also be able to protect any information and transactions with properly maintained firewalls and password protocols
In addition, we recommend that you work with an IT Support Partner to conduct controlled email phishing campaigns (including ones related to COVID-19) to more effectively test and train your workers regarding internet and email protocol. These test email campaigns send fake phishing emails to your staff to find out who will click on the bait. This valuable tool not only identifies which staff members are susceptible to deception, but it also provides useful information to educate your employees on how to protect themselves against phishing and other cyberattacks.
By being aware of the latest COVID-19 scams, following the recommendations in this article, and working closely with a reliable IT Support partner, your organization will be able to overcome the challenges of this pandemic and achieve your unique objectives.