FBI, US government warn on spike in coronavirus scams

Get all the latest news on coronavirus and more delivered daily to your inbox. Sign up here.

Fraudsters are seizing upon the COVID-19 crisis to mount fresh attacks to get your money, the FBI and DHS said in separate advisories this week.

The FBI advisory cites so-called Business Email Compromise (BEC) schemes – a kind of email fraud that targets funds transfers, often large sums.

In a typical scenario, you get an email that appears to be from a company or individual you normally do business with. The hitch is, the scammer will request funds be sent to a new account “or otherwise alters the standard payment practices,” the FBI said in a statement.

APPLE ANNOUNCES NEW CORONAVIRUS APP AND WEBSITE

The FBI pointed to an increase in fraud aimed at municipalities purchasing personal protective equipment “or other supplies needed in the fight against COVID-19.”

In a recent example cited by the FBI, a financial institution received an email purportedly from a CEO who had scheduled a transfer of $1 million. The fraudster requested that the transfer date be moved up and the account receiving the funds be changed “due to the Coronavirus outbreak and quarantine processes and precautions,” the FBI said, quoting the fraudulent email.

One of the most devious tricks in the bad guys’ bag of tricks is using an email address that looks the same as the legitimate email. In the case cited by the FBI, the email address "was almost identical to the CEO’s actual email address with only one letter changed,” the FBI said.

“Hackers love emergencies and times of uncertainty because people are scared, distracted, and vulnerable, making them ideal targets,” Ed Bishop, CTO and co-founder of Tessian, a firm that provides technology to prevent email fraud, told Fox News.

Bishop listed ruses used by cybercriminals such as the “Fraudulent Third-Party,” where hackers will impersonate people within an organization or suppliers and vendors associated with the company. And “Secure IT Support” where bad actors will pretend to be a company’s IT support and send malicious links to employees.

Other schemes include the “Out-Of-Office Boss” and the “Helpful Government Organization,” Bishop added.

CREDIT CARD SKIMMING IS NEW THREAT IN CORONAVIRUS ERA

DHS WARNS

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) issued a similar warning this week.

Both CISA and NCSC said they are seeing growing use of COVID-19-related themes by malicious cyber actors targeting individuals, small and medium enterprises, and large organizations.

The advisory cited phishing email with subject lines including “2020 Coronavirus Updates,” “Coronavirus Updates,” “2019-nCov: New confirmed cases in your City,” and “2019-nCov: Coronavirus outbreak in your city (Emergency).”

You can avoid these scams by looking for red flags, including requests to click on a link, spelling and grammatical errors, and unfamiliar email addresses when you hover over the link with your cursor, Tessian’s Bishop said.

CLICK HERE FOR COMPLETE  CORONAVIRUS COVERAGE

The FBI and CISA also say be wary of an urgent and/or immediate request for funds, last-minute changes in wire instructions or recipient account information, and messages that appeal to emotions.

As of Thursday morning, more than 1.49 million coronavirus cases have been diagnosed worldwide, more than 432,000 of which are in the U.S., the most impacted country on the planet.

GET THE FOX NEWS APP