UMB Financial : Staying cyber-safe during the COVID-19 pandemic | #phishing | #scams | #education | #technology | #infosec


Cybercriminals use deception and take advantage of fear, which means it’s more important than ever to stay aware and vigilant of COVID-19 scams so you can help prevent fraud.

This article was updated December 2021.

Vaccinations, wearing masks and social distancing all current recommendations‡ for public health with the continued COVID-19 pandemic. But this is also a time to be mindful of other ways COVID-19 could impact you through your finances and personal information.


Phishing for personal data and online access can take many forms. They can look like emails, texts, social media or other online messages that appear to have been sent from a familiar company or friend. Phishing schemes might include impersonating the World Health Organization (WHO), the Center for Disease Control (CDC), and other reputable sources. Never click links in these types of messages and emails-instead, go directly to the trusted source.

In addition, business email compromise (BEC) scams are a type of payment fraud that involves the compromise of legitimate business email accounts for the purpose of conducting an unauthorized wire transfer through phishing. During an unpredictable time, it’s natural that many Americans will be moving money to different accounts to take care of financial needs. To avoid becoming a victim:

  • Validate wire transfer requests
  • Verbally confirm any change in payment instructions (using contact data on file, not any received via email for voicemail)
  • If you feel you are being baited into a BEC, report it immediately to the Federal Bureau of Investigation’s Internet Crime Complaint Center.
  • Most importantly, listen to your gut. It’s better to do one last check to help save you from potential short and long-term problems.

Mobile alerts and communications scams

The Federal Trade Commission‡ (FCC) and the U.S. Food & Drug Administration‡ have posted warnings about fake websites and online messages promoting bogus products and to offers of assistance.

  • The FCC has received reports of scam and hoax text message campaigns and scam robocalls offering free home testing kits, promoting false cures, selling health insurance, and preying on virus-related fears.
  • Some text scams are impersonating government agencies. The FCC learned of a text scam claiming to be from the “FCC Financial Care Center” and offering financial COVID-19 relief. There is no FCC program to provide relief funds to consumers. The text is likely a phishing‡ attempt to get banking or other personal information from victims.
  • Text message hoaxes may claim that the government will order a mandatory national two-week quarantine, or instruct you to go out and stock up on supplies. The messages can appear to be from a “next door neighbor.” The National Security Council tweeted that these are fake‡. FEMA is tracking rumors‡ and reminds consumers to always check a trusted source.

As the pandemic continues to affect the U.S., people may need help, whether for supplies, medical care or something else. But be wary of requests-not matter how they reach you. The FCC recommends researching charities online (not through links provided in an online messages or emails). Be careful how you’re being asked to provide funds because a legitimate charity will never ask you to pay in a retailer gift card, and do not let them rush or guilt you into donating.

Elder fraud

According to the AARP Public Policy Institute‡, one in five elderly Americans are victims of financial exploitation each year. Watch for the below types of scams that could impact you or your older loved ones:

  • A phone call from someone posing as a grandchild or loved one claiming to need money for COVID-19 medical treatment
  • A special stock market deal
  • A cybercriminal posing as a non-profit or religious organization seeking donations

Check fraud

Check fraud is a type of scam where a fraudster writes you a bad check to deposit into your legitimate bank account. Your bank has a relationship with you, so many times it will release those funds to you before the check officially clears. When it’s a bad check, the money never clears and you owe the money back to your account. If someone asks you to deposit a check for them, or they write you a check for more than you are expecting, be wary of this outcome.

Working remotely

An increased number of Americans are working remotely – some for the first time; while in other cases, some are increasing the frequency with which they work remotely. Some important reminders for remote workers:

  • Companies have largely transitioned to working from home relying on conferencing software. Attackers are taking advantage of this to impersonate company software to steal user credentials. Be sure you monitor who is in your conference room.
  • Do not trust caller ID (especially if you have forwarded your office phone to a personal device).
  • Refrain from sending any company or sensitive office data to or from your personal email account.
  • If you do need to send a file or other sensitive data, talk with your company to see if they have an encryption method in place you can use before sending.

Job recruiting and employment scams

Employment scams‡ are especially insidious because they prey on people desperate for work. Cyber criminals are posing as hiring managers, recruiting individuals through fake job postings or social media messages, conducting fake interviews and making fake job offers. The criminals then obtain sensitive personal and financial information from the job-hunting victim.

To help prevent these scams, apply for positions through official company websites, confirm email addresses and be wary of offers that are “too good to be true.” Additionally, do not provide your personal banking information to recruiters.

Insurance fraud

Insurance fraud‡ is an unlawful enterprise that works similarly to a social engineering scam because it also preys on fears and anxieties during times of crisis.

  • Car insurance fraud – Investigators say scammers will use the fear of spreading COVID-19 as an excuse to discourage police involvement in car accidents, which can leave you vulnerable to false insurance claims. Law enforcement agencies recommend if you get into a car accident, you should practice social distancing, call the police and wait in your car for their arrival.
  • Travel insurance fraud – The Coalition Against Insurance Fraud is urging consumers to be wary of pitches for bogus travel insurance policies that claim to cover COVID-19-related trip cancellations. Most travel insurance policies do not cover pandemics as they are not classified as unforeseen events. If someone pitches you travel insurance that specifically covers COVID-19-related problems, it should raise a red flag.

Monitoring your account and reporting fraud

It’s important to check your financial account balances frequently to monitor activity and keep an eye on your accounts. How quickly you report fraud to your bank could affect whether you are responsible for all or a portion of the fraudulent checks or charges.

It’s also important to open and review statements immediately, whether you’re receiving them digitally or via hard copy. Also, do not share your PIN, online banking login or password with anyone. If you do, and they commit financial fraud, you may ultimately be responsible for any fraudulent charges or withdrawals because you provided them access to your accounts.

Stay connected

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


Source link