We recently blogged about increased data security risks with employees working remotely during the COVID-19 pandemic. According to Google, scammers are sending 18 million hoax emails about COVID-19 to Gmail users every day. Recently the FBI warned about these increased risks of phishing schemes relating to the COVID-19 pandemic. The FBI gave several examples of recent COVID-19 phishing schemes which typically impersonate vendors asking for payment outside the normal course of business due to COVID-19.
The FBI advises of the following red flags:
- Unexplained urgency
- Last minute changes in wire instructions or recipient account information
- Last minute changes in established communication platforms or email account addresses
- Communications only in email and refusal to communicate via telephone or online voice or video platforms
- Requests for advanced payment of services when not previously required
- Requests from employees to change direct deposit information
The FBI also recommends the following tips:
- Be skeptical of last-minute changes in wiring instructions or recipient account information.
- Verify any changes and Information via the contact on file—do not contact the vendor through the number provided in the email.
- Ensure the URL in emails is associated with the business it claims to be from.
- Be alert to hyperlinks that may contain misspellings of the actual domain name.
- Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s email address appears to match who it is coming from.
If you are a victim of a fraudulent scheme, contact your financial institution immediately. You should also file a complaint with the FBI’s Internet Crime Complaint Center.
After several weeks of remote work, businesses should continually train employees of the increased risks of phishing schemes during the COVID-19 pandemic.