Skip to main content
Add Me To Your Mailing List
                                                                                                


 


HomeCOVID-19 Scam Warnings


COVID-19 Scam Warnings
Beware of fraud scams during COVID-19 pandemic


THIS IS A SCAM!  IF YOU HAVE RECEIVED THIS TYPE OF EMAIL
PLEASE MARK IT AS JUNK AND DELETE!



*Note the email address is not a validated Wells Fargo address. 

-------- Original Message --------
Subject: Wells Fargo account update
From: "Stay Home- Wells -Fargo" <hsamson-nk@t-online.de>
Date: Wed, May 06, 2020 10:19 am
To: Recipients <hsamson-nk@t-online.de>

 

 

 

 

From a trusted sender.

 


You have received this email for security reasons.

We will ask you to confirm your information to access again to your account please click the button below

 

Account confirmation

 



Product No. 2020-04-020
HSEC-1 | NTIC SIN No. 2.5, 5.4

April 17, 2020

Federal Partner Guidance

 

FBI Warns of Advance Fee and BEC Schemes Related to Procurement of PPE and Other Supplies During COVID-19 Pandemic

The Federal Bureau of Investigation provided this industry alert to warn government and health care industry buyers of rapidly emerging fraud trends related to procurement of personal protective equipment (PPE), medical equipment such as ventilators, and other supplies or equipment in short supply during the current COVID-19 pandemic.

The FBI recently became aware of multiple incidents in which state government agencies, attempting to procure such equipment, wire transferred funds to fraudulent brokers and sellers in advance of receiving the items. The brokers and sellers included both domestic and foreign entities. In one case, an individual claimed to represent an entity with which the purchasing agency had an existing business relationship. By the time the purchasing agencies became suspicious of the transactions, much of the funds had been transferred outside the reach of US law enforcement and were unrecoverable.

The current environment, in which demand for PPE and certain medical equipment far outstrips supply, is ripe for fraudulent actors perpetrating advance fee and business email compromise (BEC) schemes, such as those described above. In advance fee schemes related to procurement, a victim pre-pays (partially or in full) a purported seller or a broker for a good or service and then receives little or nothing in return.

BEC schemes often involve the spoofing of a legitimate known email address or use of a nearly identical email address to communicate with a victim to redirect legitimate payments to a bank account controlled by fraudsters. A variation on BEC schemes can involve similar social engineering techniques via phone call.

To read more about risk factors and mitigation recommendations for this current threat, please review the FBI's Press Release
here.



Current and Emerging COVId-19 Cyber Threats 
CoViper Malware Exploits Pandemic and
Damages Master Boot Record


Researchers at Avast discovered a wiper malware family, CoViper, also known as MBR (Master Boot Record) wiper or MBR locker, that exploits the COVID-19 pandemic. CoViper damages a critical component of the OS start-up known as the MBR, rendering the compromised machine inoperable. CoViper stops the user from ceasing the malware process by disabling the Task Manager. It is currently unknown how the threat actors initially compromise systems with CoViper, only that it masquerades as files related to COVID-19.

The NTIC Cyber Center recommends users keep device operating systems up-to-date and enable two-factor authentication on their accounts, avoid reusing passwords across multiple platforms and avoid opening unexpected correspondence. In addition, we encourage network administrators to scan for and proactively block the indicators of compromise (IoCs) associated with this malware located in Avast's blog post.


Profit-Motivated Criminals Could Exploit IRS Stimulus Payment Page

With the US federal government now processing Economic Impact Payments via direct deposit, the Internal Revenue Service (IRS) created a website to collect bank account information from Americans who do not usually file a tax return form. Unfortunately, profit-motivated criminals are actively trying to intercept payments using the website’s relatively relaxed identification requirements by targeting the information of people who have disabilities, who are low-income workers, and those who have no access to computers or the Internet. The only information needed to claim these electronic payments are a target’s name, address, date of birth, and Social Security number – information that can easily be found in any number of data breach repositories. Criminals can then supply their own bank account information to receive the payments without further verification.

Phishing Campaigns Masquerade as Correspondence from the White House and Vice President Mike Pence


Researchers from email security firm Inky discovered two phishing campaigns impersonating email correspondence from the White House and Vice President Mike Pence. The first campaign includes the subject line “White House Instruction for Coronavirus” and prompts email recipients to click on an embedded link. Once the link is clicked, the victim will be redirected to a fraudulent White House website and prompted to download a malicious Word document and enable macros, which then installs malware onto the victim’s computer. The second campaign is an extortion attempt, claiming that the targeted company is involved in human trafficking, drug dealing, and money laundering and that Vice President Pence would like to reach a financial agreement before the issue is brought to President Trump. There is no malware connected to this extortion scam.

Malicious Coronavirus-Themed Mobile Applications Discovered


Researchers at checkpoint uncovered sixteen malicious applications that masquerade as legitimate coronavirus-related services found on unofficial app stores. These applications claim to offer COVID-19 help and information but actually contain mobile malware including Mobile Remote Access Trojans (MRATs), banking Trojans, and premium dialers designed to steal data, control devices, and generate revenue.

COVID-19 Scams in the News

 

Coronavirus: Travel Scam Warning
Analytic Comment: The UK Credit Industry Fraud Avoidance System (CIFAS) warns against a rise in travel scams targeting canceled travel plans due to the coronavirus pandemic. Threat actors have set up fake websites masquerading as travel companies, tour operators, and insurers offering to refund or rebook cancelled trips. However, these fraudulent companies do nothing more than steal personal information and bank details to use in a later attack or withdraw money from victims’ accounts.

Coronavirus-Themed Phish Continue to Surge
Analytic Comment: Cofense threat intelligence researchers are investigating a surge in coronavirus-themed phishing campaigns as enterprises and government entities mandate remote work. These threat actors make use of emails with subjects such as “work from home” while spoofing common COVID-19 response organizations such as the World Health Organization (WHO), Centers for Disease Control and Prevention (CDC), various health and medical organizations, shipping companies, and more. These COVID-19 phishing templates are becoming increasingly sophisticated and could possible fool even the more tech-savvy recipients.

Cash App Scammers Are Using Coronavirus to Exploit People
Analytic Comment: Scam artists are conducting coronavirus-themed money flipping scams via the mobile payment application Cash App, attempting to lure victims by advertising coronavirus-related financial help and prizes. The perpetrators of these scams will first request a small amount of money as a processing requirement, promising to send the victim a larger amount later. However, the victims never receive the promised amount and may not be able to recover the money they sent to the scammers. To read more about the threat of Peer-to-Peer (P2P) payment scams, please read our blog post titled Securing Our Communities: Peer-to-Peer Payment Scams.

Scammers Are Setting Up GoFundMe Accounts for Fake Coronavirus Victims
Analytic Comment: Scammers are setting up fraudulent fundraising campaigns while masquerading as coronavirus victims or their relatives to elicit funds from charitable victims. Scammers are leveraging social media and crowdfunding websites to receive donations for medical expenses and funeral services, often duplicating profile pages of legitimate pandemic victims and soliciting their existing contacts for financial assistance. During this and other disasters, it is important to verify all charities and donation websites prior to submitting any personal or financial information. To read more about the threat of disaster scams and for additional mitigation strategies, please read our blog post titled Securing Our Communities: Disaster Scams.

US Consumers Report $12M in COVID-19 Scam Losses Since January
Analytic Comment: The US Federal Trade Commission (FTC) reports that consumers have lost over $12 million to COVID-19-related scams and have received more than 16,000 related scam reports since January 2020. According to the FTC, these scams appear to have impacted those areas most affected by the pandemic, including California, New York, Texas, and Florida. Scammers targeted victims via email, phone calls, and social media platforms in an effort to obtain their personal and financial information. Historically, profit-motivated criminals have sought to exploit personal hardships and widespread disasters for their own financial gain. The most effective method of countering these types of scams is through large-scale education campaigns and unified messaging to help consumers recognize the common tactics that are used to exploit them.



Additional Resources - Einstein Postdoctoral Association
As the novel coronavirus (COVID-19) pandemic continues to impact the United States, phone scammers have seized the opportunity to prey on consumers.  Click the links below for more information:

Federal Trade Commission  - https://www.fcc.gov/covid-scams
US Treasury - https://home.treasury.gov/services/report-fraud-waste-and-abuse/covid-19-scams
Department of Justice - https://files.constantcontact.com/96b8228b201/1f5e85f7-d5b6-478e-b478-e65684bb797f.pdf
IRS - 
https://www.irs.gov/newsroom/irs-issues-warning-about-coronavirus-related-scams-watch-out-for-schemes-tied-to-economic-impact-payments?mc_cid=de50f33574&mc_eid=c06a0db369



Pepco Warns Customers About Utility Scammers
During COVID-19 Pandemic

WASHINGTON, D.C. (March 26, 2020) – With the District of Columbia, Maryland and the world experiencing the impact of the COVID-19 pandemic, Pepco is reminding customers to always be on alert for potential scams targeting energy customers. Scams occur throughout the year, but the company has seen an increase in scam attempts with scammers using this health crisis to take advantage of energy customers throughout the United States. The company has received reports that scammers are threatening to shut service off, and also are offering cash or credit incentives in order to obtain a customer’s personal or financial information.

"It is unfortunate that scammers are using the public’s concerns around health and financial uncertainty to deceive and further harm our customers,” said Derrick Dickens, senior vice president and Chief Customer Officer for Pepco Holdings. “We want to provide our customers with tools and information that can help ward off would be scammers and help put a stop to these ongoing scamming attempts.”

In some cases, scammers are duplicating the recorded message that customers hear when calling a legitimate company, so when customers call the number provided by the scammer, it sounds like an actual business. Some scammers also use caller ID "spoofing" to replicate an energy company’s phone number.

Throughout the year, Pepco takes steps to raise awareness among its customers, including posting tips to social media, adding alerts on the pepco.com homepage, issuing news releases, and participating annually in Utilities United Against Scams Day in March and November. Any customer who believes he or she has been the target of a scam is urged to contact their local police and call Pepco immediately at202-833-7500to report the situation.

Don’t Get Scammed: Customers can avoid being scammed by taking a few precautions

  • Never provide your social security number or personal information to anyone initiating contact with you claiming to be a company representative or requesting you to send money to another person or entity other than Pepco.
  • Always ask to see a company photo ID before allowing any Pepco worker into your home or business.
  • Never make a payment for services to anyone coming to your door.
How to Protect Yourself:
  • Pepco representatives will never ask or require a customer with a past due balance to purchase a prepaid debit card to avoid disconnection.
  • Customers can make payments online, by phone, automatic bank withdrawal or by mail.
  • Customers with a past due balance will receive multiple shut off notifications – never a single notification one hour before disconnection.
  • If a customer ever questions the legitimacy of the call, hang up and call Pepco at 202-833-7500.


The Office of the People's Counsel for the District of Columbia Urges Consumers to Be on Guard Against Scams During COVID-19 Crisis


The Office of the People's Counsel for the District of Columbia (OPC) warns DC consumers that utility scams are active during the coronavirus (COVID-19) crisis. These scams may come via phone, email, regular mail or even in person, and the scammer may threaten disconnection if there is no payment. Some scam calls even show up on your caller ID as if a utility is calling.

However you are contacted, DO NOT share account or social security numbers, or any other personal information.If you suspect you have been scammed, call OPC at(202) 727-3071to talk with a consumer outreach specialist who can investigate your complaint.OPC staff members are currently serving consumers remotely and will return your call within 24 hours.

You also can file a complaint about a scam or any other utility concerns at opc-dc.gov.

Be aware that a utility company will not disconnect your service without giving you a disconnection notice in advance. Before making any decision about your utility service, check with your energy supplier and/or look at your most recent bill to check your current account balance; and only call the utility contact number on your bill or on a company website.

The DC Council passed legislation Tuesday prohibiting electric, natural gas and water disconnections during this public health emergency. OPC worked with councilmembers to secure this protection for consumers. People's Counsel Sandra Mattavous-Frye also sent letters to utility officials seeking relief. Pepco, Washington Gas, DC Water and Verizon Washington are waiving late fees in addition to suspending disconnections.

DISB Consumer Alert

Beware of Coronavirus Scams


The District of Columbia Department of Insurance, Securities and Banking (DISB) warns District residents to be on the alert for scams during the public health emergency. During times of heightened fear and stress, it is not unusual for people to let their guard down. This may be the case during the coronavirus (COVID-19) pandemic. Scammers can take advantage of these unusual circumstances to steal your money and sensitive, personal information. Three common ways they do this are through email phishing, charitable contribution requests, and medical supply sales.

Email Phishing
A popular scam is known as phishing. Seemingly legitimate emails are sent to potential victims that appear to originate from someone’s employer, healthcare provider, or financial institution. The sender may ask the recipient to open a link provided in the email. In other cases, the email may provide a telephone number that the recipient is urged to call because of a problem encountered with their account. The scammer's goal is to steal your personal information (e.g., date of birth, address, social security number, and bank and credit card account information) and your money.

Before responding to any emails or telephone calls requesting your sensitive personal information: STOP! Independently verify the telephone number of the company that appears to be requesting your information. Speak with a company representative at that telephone number (not the one provided in the email) to verify the email’s authenticity and contents. Do not click on any links in the email. Clicking on a link may load malware onto your computer, which could result in an account takeover along with a ransom demand to restore your system.

Charitable Contribution Requests
Be vigilant on social media for scams requesting charitable contributions to assist others who may be suffering as a result of the COVID-19 emergency. Fraudsters use this technique to take advantage of people’s desire to help others in need.

Medical Supply Sales
Another popular scam involves advertisements on social media and websites for the sale of medical supplies (e.g., surgical face masks, latex gloves, and protective eyewear), or for medications and/or supplements that purportedly cure or mitigate the effects of COVID-19. After the purchaser provides their credit, debit, or gift card information to the scammer, the goods are never delivered. Before sending money to someone offering to sell you goods or services, independently verify the seller’s business reputation by performing a Google search; or by checking with the Better Business Bureau atbbb.org, or the U.S. Food and Drug Administration atfda.gov.
If you believe you have been a victim of a financial scam or have questions about a solicitation or company, contact DISB’s Enforcement and Consumer Protection Division at 202-727-8000.

For updates on Mayor Muriel Bowser’s declaration of a public health emergency due to COVID-19, go to coronavirus.dc.gov.

DISB Mission
Our mission is three-fold: (1) cultivate a regulatory environment that protects consumers and attracts and retains financial services firms to the District; (2) empower and educate residents on financial matters; and (3) provide financing for District small businesses.

Social Media
DISB Twitter:@DCDISB
DISB Facebook:facebook.com/DISBDC/
DISB Website:disb.dc.gov

District of Columbia Department of Insurance, Securities and Banking
Office of Communications
1050 First Street NE,
Suite 801
Washington, DC 20002