COVID-19 Email Fraud
During the COVID-19 pandemic, many companies and organizations have sent emails to their customers with COVID-19 updates. As these emails become more frequent, fraudsters have started to use this to their advantage. The United States Secret Service (USSS) warns consumers and corporations of fraudulent emails that may contain malicious attachments that would allow fraudsters to remotely install malware to devices, putting passwords and sensitive data at risk.
Malicious email attachments are often Microsoft Office or WordPad type files, but it is possible that different variations exist and may continue to evolve with time.
These fraudsters are posing as vendors, hospitals or other familiar entities that would not normally seem unusual.
Some malicious emails are stating you have been in contact with an individual who has tested positive for COVID-19. You may then be instructed to download an attached file to complete a form and bring it to your nearest emergency clinic to be tested.
Do not click on or download any unknown attachments as this could open the door to fraudsters. Additionally, keep in mind that legitimate COVID-19 response emails typically do not contain attachments.
Do not open or click on unknown email attachments or links.
Do not agree to download any unknown software.
Update your passwords on a regular basis. Do not write them down or share them with anyone. Companies will not contact you and ask for your credentials.
If you suspect you have received a fraudulent or suspicious email, please contact the company directly for more information before taking any additional steps. Do not use the contact information listed within the email, as this is likely fraudulent information as well.