The WHO was one of the first major organizations to warn about the increase of cyberattacks and online scams happening over the past few months. In late April WHO reported a fivefold increase in cyber attacks stating that some 450 active WHO email addresses and passwords were leaked online.
Scammers have also been impersonating WHO members and using their emails to target public donation channels for fictitious funds that are non-authentic COVID-19 response funds.
In their official statement, the WHO asked the public to remain vigilant against fraudulent emails.
Aside from the WHO dealing with cyberattacks, there has been an alarming increase in scams related to COVID-19. The uncertainty around the pandemic has created an opportunity for hackers, phishing scammers and robocallers undoubtedly looking to take advantage of the situation.
The Federal Trade Commission advised the public to not respond to any communications related to government cheques or other schemes. In light of this fraudulent activity, we have compiled a list of common scams that have been reported recently:
- Emails offering treatment or Vaccines for COVID-19
- N95 masks for sale on new ecommerce sites, but are actually phishing scams
- Fake medical supply companies
- Fake charities claiming to provide PPE and supplies to first responders
- Fake video conferencing services to help you work from home
- Fake tech support scams where an employee will receive a phone call pretending to be their IT team
- Coronavirus stimulus payments to gather your bank info
- Fake websites for simple necessities like hand sanitizer
- Bank calling about exclusive offers or 0% interest loans
New Scam – Scammers have been targeting online job seekers. Examples include:
- Inside sales reps for grocery
- COVID-19 regulation control for new businesses opening
Scammers are getting more and more sophisticated
Recent reports have shown that not only are scammers using phishing emails or fake websites, they are texting and calling and it’s difficult for many people to determine whether they are a scam or not.
So how can I protect myself or my business from these scams?
- Never trust calls or emails from any organization asking for your personal information. If you aren’t contacting them in the first place there’s no reason for them to be calling you. For example, it’s highly unlikely that the CRA, IRS or your bank will be calling, texting or emailing you about your account or exclusive offers at any time. Do not share your personal information
- If you receive unsolicited calls, validate whether or not they are real by hanging up the phone and contacting the organization from their actual customer service line.
- Always research the company that may be making you an offer
- Never share your passwords, even if it’s someone claiming to be your IT department
- Avoid clicking on unsolicited emails and do not download attachments or click links in the emails. Always check the sender email address
- Check website URLs to make sure they are legitimate, always rely on established websites for COVID-19 information
- Again, legitimate organizations never ask you to update your account or update personal information
- Delete businesses from your address book, like your bank for example. It is possible for scammers to hijack legitimate business phone numbers so that an incoming call looks like it’s coming from your bank. If you delete this entry from your address book, you will be less likely caught off guard.
Although these recommendations cover many situations, they do not cover everything – someone may reach out to you with a unique request for your information. Always remember to keep your personal information private.