Minnesota Seeing Spike In Phishing Scams
Jake Judd | Mar 24, 2020 AT 2:37 pm
(KNSI) - Minnesota has seen a spike in phishing scams related to the COVID-19 pandemic.
Phishing is a scam where thieves attempt to steal personal or financial account information by sending deceptive electronic messages that trick unsuspecting consumers into disclosing personal information.
The bait may be an email, instant message, or pop-up window from what appears to be a trusted institution or company - for example, a government agency, financial institution, or internet service provider, among others.
The consumer is encouraged to provide account information or other personal information, including financial information, and to click on a link that will install malware on a computer.
These new phishing scams include a fake COVID-19 tracking map and smartphone apps distributing malware, scam websites, and impersonations of the Centers for Disease Control (CDC) and the World Health Organization (WHO).
Scammers are exploiting people’s heightened concern at this moment with increasingly realistic phishing attacks.
Email addresses containing look-alike domains, such as emails ending in “@cdc-gov.org” instead of the legitimate “@cdc.gov.”
Phishing scammers may purport to be government leaders or health officials and claim to have relevant information about how to reduce the spread of COVID-19.
They may claim to have access to tests, vaccines, or miracle cures.
Attorney General Keith Ellison on Tuesday warned Minnesotans and offered advice about how to spot, avoid, and report them.
o TIP: Check email addresses and domains carefully before opening emails.
o TIP: Look for misspellings, poor grammar, or unusual or unprofessional language in the email.
o TIP: Do not assume that an email is legitimate because it includes the organization’s or business’s logo. Scammers often use them to fool you into thinking the email is valid.
· Urgent requests to click on hyperlinks that direct users to malicious sites. Those links may send you a website that looks official or legitimate but is run by scammers.
o TIP: Do not trust even legitimate-appearing hyperlinks from unknown senders.
· Sham “verifications” that ask you to provide sensitive personal information before accessing a site.
o TIP: Be skeptical of requests to verify your identity with sensitive personal information - especially if a site has not asked for the information in the past.
o TIP: The World Health Organization and the Centers for Disease Control and prevention will never ask you for personal information by email.
o TIP: Companies you do business with already know your account number and will never ask you to provide it to them. The Social Security Administration, Medicare, or your financial institution will never ask you for personal information by email.
· Requests to communicate with businesses or individuals outside the normal channels of communication, including unknown emails.
o TIP: If you have any doubt whether a communication is legitimate, call or email those businesses or individuals directly at the publicly-listed phone number to ask if it came from them.
o TIP: Do not trust the number in the suspected email, as it may send you to scammers rather than to the business or organization it claims to represent.