Cybersecurity and COVID-19 Scams

During these uncertain times, it is important to remain vigilant and practice safe internet habits. The global spread of coronavirus has unfortunately resulted in a growth of digital scams, with cybercriminals aiming to profit from people’s fears and their desire for information related to COVID-19. This massive increase in cybercriminal activity coupled with the impact COVID-19 has had on our lives makes life difficult and can feel understandably overwhelming.

Scams related to COVID-19 and the recently passed CARES Act include robocalls, texts, and email phishing attempts from criminals posing as representatives from the Internal Revenue Service (IRS), World Health Organization (WHO), and Centers for Disease Control (CDC). Email recipients have been tricked into downloading malicious software by clicking on links and attachments. Other scams include cybercriminals posing as legitimate businesses claiming to sell products like facemasks, hand sanitizers and medications to help avoid COVID-19. As of the end of March, more than 7,800 U.S consumer complaints have been filed with the Federal Trade Commission (FTC), with an average loss of nearly $600 per victim.[i]

During such difficult times with COVID-19 dominating the headlines and impacting our lives, it is important to remember that everyone can practice safe Internet practices and prevent themselves from being victims of cybercrime. We have control over how we interact with emails, answer calls, and respond to solicitations, whether we are in a crisis or not. The Cybersecurity and Infrastructure Security Agency (CISA), a division of the Department of Homeland Security urges everyone to exercise caution in handling emails received with a COVID-19-related subject line, attachment, or hyperlink.[ii] We should also be careful with social media posts, texts, or calls related to the coronavirus pandemic. Best practices for defending against these cyber scams include:

• Never give personal information to unsolicited requests over the phone or in email.
• Don’t click on links in unsolicited emails and exercise caution when downloading email attachments.
• Use trusted government websites such as the CDC’s and the WHO’s for official COVID-19 information and updates.
• Don’t respond to unsolicited emails urging you to act promptly to prevent or cope with COVID-19.
• Set strong passwords with a combination of numbers, letters, and symbols to secure your email, financial, health, and personal accounts.
• Verify a charity’s legitimacy before making donations online or over the phone. Review the Federal Trade Commission’s advice about avoiding charity scams to make sure your donation will actually go to an organization you want to support.
• Do not respond to emails from unknown sources requesting personal, financial, or health information.
• Report any fraud or cyber scams to the Federal Trade Commission: gov/complaint.

At Merriman, we have measures in place to safeguard your information, such as enhancements to how we share sensitive information with you and trusted professionals, and the use of multi-factor authentication solutions to secure access to critical data systems.  These investments in employee training and cybersecurity over the years have also enabled us to better detect and respond to email phishing attempts and fraudulent requests for funds. We value your trust and will continue to take the necessary steps, like calling you directly to verify an information or money request we receive over email, as part of our ongoing mission to protect your information and financial assets. This is always an area of focus for our employees, but especially as our team continues to work from home for the next several weeks.

We hope that as you spend more time indoors and online, you do so safely and keep an eye out for cyber and robocall scams. Although it is understandable to feel overwhelmed by all the COVID-19 headlines, it is important to remain informed, vigilant, and remember that practicing some basic safety measures can greatly reduce your chances of falling victim to these scams.

[i] Joseph Marks & Tonya Riley, The Cybersecurity 202: Coronavirus pandemic unleashes unprecedented number of online scams, Washington Post, (April 1, 2020)

[ii] CISA, Defending Against COVID-19 Cyber Scams, Department of Homeland Security, (March 6, 2020)

Written By: Erick Aguayo, former Chief Compliance Officer