ST. LOUIS — With thousands of Americans now working remotely from home, security experts said they're bracing for a huge wave of phishing scams.
"It only takes one person in your environment to get it," said Dave Chronister, CEO of Parameter Security, referring to the phishing emails that could already be sitting in your email inbox.
"Anybody can fall susceptible to one of them and that's why it's so dangerous. You may not be paying attention and accidentally open an email and click on a link," said Chronister.
The latest phishing emails pretend to be from the Centers for Disease Control (CDC) or World Health Organization (WHO). They promise important news about COVID-19 that could impact your health or employment benefits.
"They may pose as someone from your human resources or your president. We're also seeing some come from healthcare companies," said Chronister. He saID he's seen some phishing emails threatening to discontinue health insurance coverage or benefits.
According to the FBI, phishing emails may also claim to be related to:
- Charitable contributions
- General financial relief
- Airline carrier refunds
- Fake cures and vaccines
- Fake testing kits
Chronister said while their methods may have adapted, the scammers' goals are always the same, and that is the key to recognizing their true intent.
"They may have you try to enter your credentials, may have you unintentionally install malware on your system, or if you're in the finance area, may get you to try to send funds to them," said Chronister.
There's one last thing he advises his clients to do if they've come in contact with one of these scams.
"Turn off your computer, or better yet, unplug it from your network, go and change all the passwords you may have," said Chronister. "If you're able to catch it quick enough and turn the computer off, they're not going to have access to that network."
The FBI also has several suggestions for people to keep their information safe:
- Do not open attachments or click links within emails from senders you don't recognize.
- Do not provide your username, password, date of birth, social security number, financial data or other personal information in response to an email or robocall.
- Always verify the web address of legitimate websites and manually type them into your browser.
- Check for misspellings or wrong domains within a link (for example, an address that should end in a ".gov" ends in .com" instead).
If you believe you are the victim of an Internet scam or cyber crime, or if you want to report suspicious activity, please visit the FBI’s Internet Crime Complaint Center at www.ic3.gov.