Living in the digital age that we do now, it’s no surprise that identity theft schemes have become rampant. Especially now with most people staying home to social distance or work remotely, our presence online has only increased leaving us more susceptible to digital attacks.
The Federal Trade Commission (FTC) noted that identity theft schemes increased four times throughout this past April compared to January to March of this year. Scammers have been causing misery to their victims.
According to Cybersecurity Ventures, cybercrime damage could total $6 trillion by 2021 which is about 10% of the world’s economy.
Additionally, a recent survey by IBM found there was a 6,000% rise in COVID-19-related spam, mostly, hackers impersonating government officials and institutions. While hackers don’t discriminate, and anyone can be a victim, they will often go after “vulnerable” populations, including seniors and those on Social Security.
Outlined below are four of the biggest attacks and data breaches you should know about so far this year so you can prepare and protect yourself against these cybercriminals.
1. COVID-19 scams phishing scams
As of April 21, 2020, the Internet Crime Complaint Center of the Federal Bureau of Investigation (FBI) received over 3,600 complaints related to COVID-19 scams.
Scammers try to lure and defraud unsuspecting consumers by advertising/selling vaccines or cures that do not exist. They also focused on raising money for fraudulent causes or groups supposedly supporting efforts around COVID-19.
One cybercriminal even posed as the American Red Cross and was soliciting donations, in an effort to get banking numbers. The FBI found that these sites were delivering malware via email or hosting other types of scams to get users to give out their personal, banking, or credit card information. Opening this kind of communication or clicking the links in such an email can implant malware on your computer or go through your computer looking for passwords or other personal information.
2. Stimulus Check and Social Security Scams
Social Security scams have always been common as cybercriminals are targeting to steal your most valuable personal information.
Today, identity thieves are exploiting the confusion around the CARES Act, which is best known for the stimulus checks, to get to your Social Security number or banking information.
For example, a number of fraudulent sites have emerged that are designed to look like legitimate places to apply for the stimulus checks. Some even market themselves as sites where you can supposedly ‘receive them faster’. The Internal Revenue Service (IRS) already distributed the stimulus checks to most Americans. A second bill has been introduced in Congress that would give qualifying Americans additional stimulus checks.
While some Americans have received their first-round checks, others are still waiting for a few weeks or even months now. For Social Security recipients, there may be delays in receiving a check or misunderstanding of how the stimulus check interacts with their regular Social Security benefits. This confusion gives hackers an opportunity to target those who are waiting. With the possibility of a second stimulus check on the way, the scams around stimulus checks are likely to continue.
Other scams around the recent CARES Act have targeted people with small businesses. Hackers are impersonating lenders or banks and supposedly offering financial help in the form of quick loans or credit card debt.
3. Zoom meetings cyberattack
With people staying at home, many facets of our lives including work and social gatherings are now happening over video conferencing or meetings. While services like FaceTime, Whatsapp, and Skype remain popular, one of the most widely used video platforms during coronavirus is Zoom.
While these video conferencing tools helped improve communication for families, friends, and co-workers, they also become a target for hackers. In April, it was reported that over half a million Zoom accounts were compromised and became available on the darknet.
4. Hacking off International Institutions dealing with healthcare
A study conducted by the SITE Intelligence Group found that over 25,000 accounts from the National Institution of Health (NIH), Center for Disease Control and Prevention (CDC), the World Bank, and the WHO (World Health Organization) have been compromised. These emails and passwords were confirmed to be accurate.
If you have an account with any of these institutions, it is recommended to change your password immediately. If you use that same password for any other accounts (which you shouldn’t do in general because of this very reason), it is also recommended to change those passwords as soon as possible.
How to protect yourself from scams
If you think you have been targeted or contacted by a fraudster do not respond. Do not even tell them you know it is a scam. Simply delete the message and please do not click on any of the links or attachments that might be included in the email.
Make sure to change your passwords frequently. A standard rule for good security is to change your passwords at least every 30-60 days. This will stop the risk of having your information stolen by malicious hackers.
Follow the basic protocols to protect yourself from becoming a victim of a cyberattack or identity theft.
- Do not open emails from unknown accounts
- Ensure multi-factor authentication (MFA) is activated on all personal accounts
- Do not put personal information on your phone
- Check the sender’s email domain name
- Look at the grammatical writing of emails received – if things seem off, they probably are scams
- Do not provide personal information in your emails or on calls (with the exception of if you started the phone conversation and with a trusted source)
- Consider installing antivirus software on your mobile phone and computer like Bitdefender or Norton
Additionally, companies and governments have released their own guidelines in terms of dealing with security during COVID-19. Microsoft’s COVID-19 Security Guidance advises customers to enable ATP (Advanced Threat Protection) on all their products.
Finally, if you think you have been the attempted victim of a stimulus check scam, you should immediately contact law enforcement. You can also report it to the Better Business Bureau. If the potential scam involves your Social Security number or benefits, report it directly to the Social Security Administration’s Office of the Inspector General.