In times of crisis it’s more important than ever to be vigilant. Criminals prey on people’s fears and try to profit from uncertainty and panic. COVID-19 is proving a boom period for scammers and fraudsters, with robocalls, phishing attacks and credit card fraud all on the rise.
Scams have surfaced that try to take advantage of the recent spate of government programs, the high demand for certain products, the increase in online activity and remote working, and the general financial uncertainty of the pandemic.
Here are some of the most common scams to watch out for that target individuals and businesses.
Government Program Scams
This spring, the Canadian government quickly spun up a range of financial programs geared at helping individuals and businesses weather the financial impacts of COVID-19. Unfortunately, these scams have proven fertile ground for fraudsters. These scams can include:
- Unreliable companies offering to help complete applications for government programs
- Links to fake application forms and websites that look like official government sites and aim to steal personal and financial information
- Identity theft scams where criminals use your personal information to sign-up for government support and receive payments
Phishing attacks involve the practice of pretending to be a legitimate organization in an email, phone call, or text message designed to convince individuals the attacker needs personal information. Emails, for example, will contain a link to a fake website where credentials are entered or payment is made.
Scammers pretending to be from the Public Health Agency of Canada have also contacted people with fake COVID-19 test results. They ask for confirmation of your health card and credit card numbers in return for a prescription.
As well as mass phishing scams, fraudsters can also use publicly available information about your business and employees to create highly targeted phishing communications aimed at your business.
Most companies will have a robust set of protections in place to prevent cyber-crime in their workplace. As staff members moved to a remote working model, these protections were often left behind. Staff transitioned to using their own personal computers, mobile phones and email accounts to access information relating to the business. This created security gaps fraudsters could step into. These risks include:
- Weaker security if computers and devices are not updated centrally
- Insecure password practices on personal computers
- Sensitive business information being stored on personal computers
- Information being sent over vulnerable wi-fi connections