The Big Scam Theme 2020: Covid-19

Covid-19 isn’t a scam, but scammers are really capitalizing on it. According to Q1 FY 2020 State of Phishing & Online Fraud report from Bolster, 30% of new scamming and phishing websites are related to Covid-19. Every type of scam in the book has been updated to profit from the pandemic. Have that in mind while reading the article. Even if we don’t call it out specifically in the entry, chances are someone is using that method for Coronavirus-related scams.

1. Phishing 

phishing

Phishing one of the most widespread types of scams. It’s carried out by sending fraudulent emails or messages, or by making calls. The scammer pretends to be working on the part of a legitimate company – a bank, a shop, whatever. That’s how they make you give out your login information and bank account data. 

According to the FBI 2019 Internet Crime Report, it was by far the most popular scam in the US in 2019. Phishing cases were twice as many as the runner-up (non-payment/non-delivery). Its potential only rises as Covid forces people into remote work scenarios. Popular phishing scenarios involve sending fake Zoom links, which then download and install malware on your computer.  

2. Fake Websites 

fake websites

Fake websites are one of the largest types of online scams. But what do they do? Well, scammers set up fake websites selling non-existent goods. Often, they even use well-known brand names and offer discounts that are too good to be true. They may be used to harvest your credit card data or even collect payment for the goods you’ll never receive.

This type of scam really blew up after Covid. A large variety of fake online pharmacies cropped up to peddle Hydroxychloroquine. They may also sell masks or even fake Covid cures. Some operate even more deviously, creating websites pushing lies about Hydroxychloroquine. Those are then linked to fake pharmacies. 

Scammers are also benefiting from indirect effects of the pandemic, mainly by setting up fake streaming sites to trick people stuck at home during the quarantine.

What is Hydroxychloroquine?

For one, it’s hard to pronounce. It’s also an essential malaria drug, in use in the US since 1955 and among the medicines in the WHO Model List of Essential Medicines. In March 2020, rumors emerged that it’s also effective at treating Covid-19, with the flames fanned heavily by the US President talking about the drug at a press conference. According to numerous medical trials conducted since, hydroxychloroquine does not help treat Covid-19 at all. 

3. Extortion

extortion

The most common type of extortion scams is sextortion. You get an email saying that the scammer has photos of you doing something consenting adults might do (possibly alone). They tell you that they’ll spread these around to your contacts. That is, unless you pay them – usually in cryptocurrency. 

The hacker will claim they gained this information by installing malware on your device. Since it’s unlikely that they have anything on you, they’ll provide the next best thing as proof: a password that you use. Those are secret, so they must have hacked you to get it, right? 

Well, no: since many people reuse passwords, the password might have come from a data breach that exposed your credentials in the past. Surfshark VPN users can actually subscribe to Alert to check if their data had been leaked that way – and to get warnings when new breaches become known.  

4. Form-jacking

form jacking

Form-jacking operates like an even more sophisticated version of fake websites. Only instead of starting with the fake website, these types of scams utilize a hacked official website. Hackers can insert their own links there, which lead to their own legitimate-looking sites. 

Of course, you won’t be getting anything you pay for, and your data will be stolen. This also helps the hackers hide their tracks and prevent you from canceling the payment. Since the customer believes that the goods are being shipped and then delayed, they may not cancel payment with their bank long after it’s too late to do so. 

5. Confidence Fraud

confidence fraud

Confidence fraud is like a more personal type of phishing. In this situation, a scammer pretends to be a close personal contact of yours. It may range from relatives to new online paramours (very relevant in a year when going out for dates is less than advisable). This alias is used to trick you into handing over valuables. Those may range from bank account and login details to actual money. 

According to the FBI 2019 Internet Crime Report, nearly 20,000 Americans fell for it last year – and that’s just counting the people who reported it. The same document shows that many scam victims tend to be over 60. That’s why an effective scammer tactic is to pretend to be a grandchild that has been recently hospitalized due to Covid and needs money.   

6. Fake Antivirus Software

fake antivirus software

This type of scams is nearly as old as the internet. While browsing online, you receive a pop-up or spot a banner claiming that your computer is infected. The solution is provided immediately: just download the advertised antivirus software.

What you are actually downloading is some sort of malware – maybe even a real virus. Your computer was never infected, and if it was, the ad/pop-up has no way of picking that up. If you really think that your computer is infected, seek out one of the big antivirus apps by yourself (via Google searches and such) instead of clicking banners or email links (we’ll have more on how to detect scams later one). 

7. Tech Support Scams

tech support scams

Tech support scams feel like more personal antivirus scams. First, you might get a notification or an email that you have a virus. Then you let a supposed IT specialist remotely access your computer. They use this opportunity to install actual malware. 

Since many of us are working at home, Covid made this type of scam flourish in a new way. If you observed online humor for the past few months, you know that we all have video conferencing issues! 

To benefit from it, scammers are creating their own legitimate-looking tech-support pages. People are likely to stumble upon them when looking how to fix issues you might have with Zoom and Google Meets. So if a user reads the advice on the fake tech support team and contacts them, he or she just opens up devices for scammers. And 

8. Crypto Scams

crypto scams

Two of the newest types of crypto scams involved tricking people into downloading malware and getting someone to invest in your fake currency. The first approach usually masquerades the malware as some new cryptocurrency wallet.

The second one can be adapted to Covid circumstances. There have been websites created for fake cryptocurrencies that will supposedly go up in value as more people die from Covid-19. However, no such ghoulish currency exists, and this is just another type of phishing scam to get your data. 

Now that you’re updated on the newest types of scams, how do you avoid them?

Common Precautions To Take Against All Sorts of Scams

There’s an infinite variety of scams in the world. Here’s how you might spot the common types:

  1. Always reread everything: when it comes to emails and websites, scammers tend to leave typos and punctuation mistakes. Some of it is to weed out scam-aware people early on, the rest might be due to carelessness. 
  2. Check those websites addresses: unless the hackers have hacked an official website, they can’t have the same website address as the real one. Always check the URL for small deviations from the official title. In emails, you can hover your cursor over buttons and hyperlinks to see the address in the lower left corner. 
  3. Don’t trust random warnings: you should already have an antivirus app installed. If it isn’t freaking out, you shouldn’t be  either. If you don’t have an antivirus installed, get one from an official supplier or a trusted website like CNet or Softpedia. 
  4. Beware of good deals: if a deal seems too good to be true, then it probably is. If that isn’t enough for you, web search the website’s name to find out more about it, and check reviews on websites like TrustPilot. 
  5. Never give away your information: as the old saying goes, “we will never ask for your password.” No bank, store, or website will ever need to know your login credentials
  6. Remember that big companies won’t call you: nobody is calling you to tell you that your computer has a virus, certainly not Google, Amazon, or Apple. At best, you’d get an email about a security breach. 
  7. Stay frosty with close and personal: confidence frauds rely on shock value and your empathy. We’re not saying not to be empathetic, but to be careful, especially when large sums of money are involved. 

And while we’re on the topic, did you know that VPNs can improve passive protection against many types of scams?

Enter CleanWeb

cleanweb

CleanWeb is a free extra feature of Surfshark VPN. When active, it works in the background to shield you from malware.

When it comes to everyday use, CleanWeb blocks ads and known malware from downloading. The former might be a nuisance; the latter is a real threat. CleanWeb will make sure that you wouldn’t fall prey to the most common dangers by blocking links that lead to confirmed scam websites.

In certain cases, CleanWeb can even prevent phishing – you can’t enter your data on a fake website if you can’t even access it. 

All that is in addition to the regular security benefits that come with VPN use. That is, keeping your browsing history secure from ISP and the government. It also protects your data on public Wi-Fi. And a VPN is perfect at hiding your IP, probably the most personally identifiable digital footprint that you leave wherever you go online. 

So now that you’re prepared to face the most popular scams of 2020, why not get Surfshark VPN for an extra layer of security?

Use the malware-aware CleanWeb feature today!

Get Surfshark VPN!