COVID-19 seems to be bringing out the worst in fraudsters. A new cyber blackmail scheme targets unsuspecting people online and threatens to infect their victims and families with COVID-19 if they refuse to pay a ransom. (There’s no doubt that innovative fraudsters are definitely taking advantage of the panic caused by the coronavirus pandemic.)
The typical phishing scam in the age of COVID-19 targets people who need certain supplies to protect patients or customers. Usually, it involves offers for personal protective equipment (PPE) or testing equipment for hospitals, health care unions or government agencies. (The new blackmail scam has not been quite as successful as the regular COVID-19 phishing scams because it’s a bit more bizarre.)
Criminals carry out their COVID-19 fraud scam by purchasing names and passwords from the dark web. (All they need is for a couple of people out of hundreds of thousands to fall for the scam and they’ll make a profit.) Fraudsters typically send out an email with their victim’s username and password in the body of the email and explain that they now have access to their accounts, passwords and the types of material they have been looking at. The scammer then goes on to explain that they have accessed the victim’s personal information and internet viewing history through their WebCam. (Basically, it’s similar to a well-used porn-extortion scheme. Scammers have just changed the focus to COVID-19.) The scammer goes on to say that if the individual doesn’t pay up in cash or Bitcoin, they will be infected with the coronavirus.
It’s important to note that if you ever receive an email like this, you can be sure it’s false and they are just jerking your chain. (Stay calm.) The fraudsters don’t have access to your WebCam, even though their claim lends credibility because they do have your email and password. (Fraud like this can only happen if you believe their far-fetched claims are true.)
While this type of scam is going on worldwide, the U.S. is just beginning to see this type of COVID-19 fraud pop up more frequently. Following the lead of other countries, law enforcement agencies across the nation have started disabling the infrastructures of some criminals and blocking their access to stolen information.
Here’s some sage advice if you happen to receive a similar phishing email: do not interact with the sender and delete the message immediately. Block the sender, then change your password. (Don’t let fear get the best of you.)
Today’s Fraud of the Day comes from an article, “Cyberscammers: Pay Up or We’ll Infect Your Family With Coronavirus,” published by The Daily Beast on April 29, 2020.
The NYPD is on alert over a sick COVID-19 blackmail scheme where unsuspecting people are targeted online by scammers who threaten to infect their families with the coronavirus if they refuse to pay the fraudsters money or cryptocurrency.
According to a sensitive law enforcement document reviewed by The Daily Beast – headlined ‘Scams and Fraud Campaigns Exploiting COVID 19 Likely to Continue,’ and dated April 20 – “the pandemic has created an environment ripe for fraudulent activity with threat actors leveraging fears of the virus to perpetrate a variety of malicious and criminal exploitation.”