Florida Attorney General Ashley Moody is warning Floridians to be aware of multiple scams tied to the COVID-19 outbreak.
The scams run the gambit from text messages and phone calls to imposters posing as health workers offering free Coronavirus tests.
“Sadly, scammers never stop trying to make a dishonest dollar – not even amid a pandemic,” Moody said. “If you receive an unsolicited text message, email, phone call or any other communication claiming a cash payment, government benefit or other COVID-19-related offer, be very suspicious. The bottom line is Floridians need to be on the lookout for scams and never give out personal or financial information to solicitors.”
Moody said one scam that was uncovered recently targets those who are researching information about the Coronavirus. She said a malicious website displays a live map of COVID-19 cases mimicking a legitimate map from Johns Hopkins University. Once users click on the website, a program is activated that can access and steal sensitive user data. It is suspected that the website is being spread across the internet via infected email attachments and online advertisements.
“Scammers will use any occasion to prey on the emotions of unsuspecting consumers, and fear is a favorite tool of criminals trying to commit fraud,” Moody said.
This past weekend, reports emerged of text messages asking people to click on a link to claim a $1,000 payment, apparently connected to a COVID-19 federal stimulus package. The link most likely contained malware.
Scammers are also sending phishing emails that appear to come from the Centers for Disease Control and Prevention (CDC) or World Health Organization (WHO) asking for sensitive information or instructing people to click on suspicious links and open malicious attachments. Moody said residents should be on the lookout for these scams and verify the email sender by checking the email address or contacting the CDC or WHO directly.
The following are tips to avoid COVID-19-related scams:
- If malware is suspected, do not shop online, access online banking or do other activities that involve sensitive information like usernames, passwords, or account information until it has been checked out;
- If malware or other issues are suspected, seek technical support from a trusted provider;
- Install and update security software regularly;
- Know that online searches may not be the best way to seek tech support. Tech support scammers may pay to boost rankings in online search results. Instead, seek personal recommendations or consider visiting an electronics store for assistance;
- Only buy products from reputable stores and websites;
- Be sure online stores have working contact information. Before offering up personal information, make sure the store has a real street address and working customer service number;
- Research product claims. Evaluate claims of any medical product before buying and watch out for products claiming to offer a miracle cure for a range of ailments;
- Check with medical professionals before purchasing an unproven health product; and
- Research before donating. Search for the charity’s name online, using the words scam or complaint, and check resources for information about the charity, such as Charity Navigator and the Better Business Bureau’s Wise Giving Alliance at 1-(703) 247-9321.
Moody also is warning the many Floridians now working from home to guard against cybercrimes, as they also are likely to increase.
“Florida businesses are going to great lengths to prevent the spread of COVID-19 by following the advice of health experts and allowing employees to work from home,” Moody said. “While this is a vital step to mitigate this health crisis, it creates more opportunities for hackers and cybercriminals to steal sensitive data.”
Steps Floridians can take to protect sensitive customer information, trade secrets or other information while working remotely include:
- Using a secure internet connection;
- Ensuring all security software is updated and in working order. Additionally, ensuring that the device’s operating system is updated regularly;
- Creating strong passwords and utilizing different passwords across multiple websites and applications. Do not use easy-to-guess security questions;
- Limiting the use of work devices only for work activities. Use personal devices for leisure;
- Locking work devices when not in use and never leaving them unattended;
- Enabling multi-factor authentication when available. Some employers allow employees to provide an additional email address or phone number to receive codes to verify that the user is in fact the individual attempting to access an account; and
- Contacting IT if receiving unsolicited verification calls or codes. This is a sign that credentials were phished successfully but login failed because of multi-factor authentication.