Coronavirus-related Scam Alert
The IRS, the FTC, the Fraud Support Network, ISACA, the AICPA, the ACFE, and almost every cybersecurity group and email list I belong to are issuing warnings regard Coronavirus-related scams. Hundreds of websites have been created to facilitate these scams. BRC joins in urging our clients and friends to take extra caution during this time. The bad actors have not stopped trying to take advantage of the uncertainty and our anxiety. You can expect to receive and see emails, text messages, social media posts and websites requesting money, personal information and spreading false hope and information. There are reports of fake cures for COVID-19, phishing emails posing as the World Health Organization and the CDC. Malicious websites and apps that appear to share virus-related information and then gain access and lock your devices until a ransom payment is received. And organizations fraudulently seeking donations for illegitimate or non-existent charitable organizations. We are sure that bad actors will continue to use new methods to exploit COVID-19 worldwide.
There are a few points that everyone should remember:
- The IRS will deposit the Economic Impact Payment directly to your direct deposit account.
- The IRS will NOT be reaching out by phone, email, or in person asking for any kind of information to complete the Economic Impact Payment.
- Retirees receiving Social Security payments will automatically receive the Economic Impact Payment. No action is necessary on the Retirees part.
- Scammers may emphasize the words “Stimulus Check” or “Stimulus Payment”. The official term is economic impact payment.
- The check CANNOT be sped up or fast-tracked, no matter what someone says.
- The economic impact payment will be for an even amount. Odd amounts will not be sent.
- There are NO COVID-19 vaccinations or home test kits.
- Social Media is not an official source of information. Please use the official websites.
Action steps you can take:
- Always go to the actual website; never click on links in email, social media, or texts.
- Never give out your personal information.
- Share this warning and information with your employees, family and friends. Especially reach out to those most vulnerable, such as retirees.
- Verify all charities before donating at the IRS Tax Exempt Organization. website: https://apps.irs.gov/app/eos/
- Never buy gift cards to give to someone you don’t know. If someone calls saying a family member is in trouble, hang up and call that family member directly. Even, better, create a code word with your family to use to verify they are in trouble, or have a need.
- Hang up on Robocalls.
Below are a few official sites to help with education and recovery of any frauds or scams. Of course, you can always reach out to BRC.
Ben Hunter, III CISO, Advisory Services Principal, CPA/CITP, CISA, CRISC, CDPSE, CISM
Ben is the Chief Information Security Officer for BRC and is a Principal in our Firm’s Risk Advisory Services Practice. He specializes in Cybersecurity and Information Technology Audits and Assessments. Ben began his cybersecurity career in the US Marine Corps. After becoming a Certified Public Accountant, he continued his cybersecurity and IT Audit training […]