The war against COVID-19 progresses with serious attention given by many to social distancing and the use of face coverings. With many of us engaged in social distancing, though, the con artists are cranking up their constant attacks via email and telephone. Here are some of the scams and malicious attacks that surfaced in the past week.
A widespread malicious email campaign is being waged and has appeared in several states.
The email is worded as an extortion attempt in which the sender identifies a current or former password, followed by a threat to divulge compromising photographs taken with the webcam on your computer. The threat demands payment in bitcoins within 24 hours.
Do not comply with the demand. State and federal authorities have determined these to be hoaxes designed to intimidate or scare recipients.
Typically, the extortion attempt displays a current or former password to an online account or to your computer, possibly due to recent data breaches. The primary purpose of these "attacks" appears to be to create anxiety or fear.
If you are the recipient of one of these messages, file a complaint with the FBI at IC3.gov. Also, consider that it is a good time to review and change passwords for devices and accounts.
TERMINATED EMAIL ACCOUNT
Another scam email campaign appears to originate from your internet service provider. The email message, complete with service provider logo and online format, states that your email account is being terminated.
The message provides a link to click in order to "restore" your service. Don't click! Check the return address for the sender.
One of the messages I received displayed a return address of email@example.com. Before making any direct response to the message, contact your internet service provider and explain the situation.
Sadly, we generally are not patient people, and the criminals know this. Long wait times on calls for support are frequent, and many give up before connecting. Bear with it and, if necessary, detail the situation in an email to your provider.
So, you may wonder, how does the scammer know who provides you with internet service? Unless you use a VPN (virtual private network), many of your online searches and email messages display your location, service provider, type of device, operating system and, possibly, your name.
Best actions to take: Contact your service provider and report the phishing attempt, then file a complaint with the Federal Trade Commission at ftc.gov.
Beware of fraudulent charity fundraisers.
Callers using MagicJack are impersonating fundraisers for first-responder organizations, most often for police. These calls are untraceable and appear to be coming from a local phone number.
We recommend that you do not engage in any conversation with the caller. The call may begin with a robocall connection commenting about "your pledge." No mention is made of the name of the fundraiser, and the call uses artificial intelligence to discern your response, after which a live operator connects.
Keep in mind that if you continue the conversation and you are dealing with a criminal, he already has your phone number and will likely request your correct name and address, and possibly a credit card number for the donation.
Please note that there are legitimate paid and volunteer fundraisers conducting telephone campaigns. If you determine that you wish to make a donation, you are entitled, by law, to knowing if the caller is a paid fundraiser and what percentage of your donation actually goes to the sponsoring organization.
Don't be surprised if the charity receives less than 25 percent of the collected amount, and never provide a credit card or bank account number on the phone or internet unless you are absolutely certain of the legitimacy. Instead, request a pledge form by mail.
Elliott Greenblott is a retired educator and the Vermont coordinator of the AARP Fraud Watch Network. Questions, concerns or comments? Contact him at firstname.lastname@example.org.