COVID-19 scams abound, and cybercriminals are using the public’s vicarious interest against them. Here are the current ones – we will update as we hear of more.
There is no doubt that cybercriminals are an agile and resourceful lot. In a week they have mobilised at least a dozen cleverly socially engineered scams and hundreds of regional variants. Here are some of the COVID-19 Scams to watch out for.
Scam 1 – Give me your details to get the Government assistance
The Government’s assistance package will come to eligible people via the MyGov (Medicare) and other relevant government databases. You don’t have to do anything to get a benefit.
There has been a tsunami of phishing emails requesting that you login to see if you are eligible. Login inevitably says you are, but you need to prove who you are by providing name, address, date of birth, bank account details and at least two forms of proof of identity. Some ask you to upload a photo or scan of the front/back of a driver’s licence, your passport ID page and even copies of a utility bill.
THIS A SCAM – the Government never asks for this information!
Scam 2 – Forms physically distributed to vulnerable groups at retirement villages
This is a version of the email scam for those who don’t use the internet. We have word (but no proof yet) of scammers distributing official-looking forms door to door at retirement villages informing the resident of the government bonus and requiring the same information as the phishing email. Scammers say you must fill in the form NOW and take photos of ID (as most don’t have a scanner).
We are not sure how widespread this is because it could take a lot of organising, but it only takes a small success percentage to make money.
Scam 3- Telephone fraud – your mum/dad/long lost cousin has COVID-19
Criminals call pretending to be clinic or hospital officials, who claim that a close relative of the victim has fallen sick with the virus and request payments for medical treatment.
This is rare in Australia but if you get a call check it out directly.
Scam 4 – This is your bank/post-office – we are closing branches for two weeks, so you have to register to use online
This has happened in the US, and the email directs you to a form or an app to allow temporary local banking/posting asking for all your details. The app can infect your device and steal your details.
No bank or post-office would ever do this.
Scam 5 – COVID-19 Advisory emails asking you to download the latest update
Phishing emails abound with links to either so-called advisory sites or links to download helpful information. The links may be in the form of Word.doc, PHP or EXE and are poisoned and download malware. They use clickbait headlines like “Pope dies – an unholy war on COVID-19” or similar.
Never click on a link if you don’t know its pedigree
Scam 6 – Malware in COVIDS-19 Maps and information websites
One email appears to have the link to the US Centre for Disease Control (CDC) and the ability to access a COVID-19 virus map by location.