With the onset of the COVID-19 pandemic, there have been a lot of COVID-19 scammers out there, making cybersecurity more important than ever.
The FTC is warning the public of a phishing campaign where victims are promised money from a COVID 19 “Global Empowerment Fund’ from the Federal Trade Commission (FTC). This scam email asks you to respond with your bank information so they can transfer the funds.
Another scam is targeting college students via email claiming to be from the “Financial Aid Department” of the university. The email tries to bait the victim into clicking on a link to obtain message about the COVID-19 Economic Stimulus Check. The link is claiming to be a portal requiring the university/student log in.
Not only could the scammer obtain personal information, the victims could also download malware on their device.
Economic Stimulus payments are coming from the Internal revenue Service (IRS). The funds will not come from other sources. You will receive communications only through the IRS website, mail, or by calling in and checking the status.
A couple of hints that it’s a scam
- The message makes you feel panic or fearful by emphasizing the urgency or scarcity of the product.
- It plays on your emotions.
- There are a lot of grammatical errors in the message.
- The email address or web address is questionable.
Play it safe: Avoid these most common passwords
- Password or combination p@ssw0rd
- Any sports teams – Royals, Chiefs, Jayhawks, Tigers, Wildcats
Password do’s and don’ts
- Use a combination of letters, numbers, symbols with upper- and lower-case letters.
- Use a pass phrase instead of a password.
- Use a different password to protect confidential information.
- Add two-factor when you can.
- Use your username or email address as your password.
- Use your email password for any other site.
- Use a password again if it was breached.
- Use easily guessed passwords.
Steps to take
If you spot something that looks like a phishing scam, report it.
Forward the message to the Anti-Phishing Working Group (an organization which includes ISPs, security vendors, ﬁnancial institutions, and law enforcement agencies) at firstname.lastname@example.org.
You can also report phishing to the FTC at ftc.gov/complaint.