This article is from Trend Micro.
Even though we’re gradually returning to normal life, COVID-19 remains one of the scammers’ favorite tactics to exploit people.
Scammers use different excuses to contact you through SMS and email, prompting you to click on links or attachments. They pose as government agencies and say you can claim a COVID stimulus bonus, impersonate health centers and ask you to update your medical information, or pretend to be charity organizations offering job opportunities.
Why do they want people to click on the links? Their ultimate goal is to steal your personal information. They direct you to phishing sites so they can collect your sensitive data and use it for their own good. The links may lead you to:
Scammers can record all the sensitive data you enter and use it to steal your money and identity.
Scammers have been impersonating US government agencies and sending out text messages and emails, saying that people can claim stimulus bonuses via the attached phishing links.
The links (sometimes embedded buttons) lead to phishing sites that collect your personal information. To receive the bonus, you are required to submit banking details, which in fact end up in the scammers’ hands. Here are some examples:
Content
Because many people have lost their jobs due to the pandemic, scammers have been using fake job opportunities to trick people into giving away their personal information. Pretending to be non-profit charitable organizations, scammers have been sending out text messages claiming they’re recruiting remote workers, with high pay guaranteed:
Here is how the scam unfolds. The URL in the bogus SMS leads to a fake Community Giving website. There, you are asked to fill out the online form to apply for the job:
If you take a closer look, you will see that the URL of the fake site and the legitimate one look almost exactly alike. Only that there is an extra hyphen (-) in the fake site’s web address:
Posing as the National Health Service (NHS), scammers have been falsely claiming that people can apply for COVID-19 vaccination passports online through the links they provide:
Source: Twitter
Content
You may notice that the link looks like a legitimate one, but it’s not. (The genuine NHS website URL should end with nhs.com with NO hyphens or other letters in front.)
Once clicked on, it will take you to a fake NHS login page where you are required to enter your name as well as other personal information to apply for your (fake) COVID vaccination passport.
In other cases, scammers say that you need to order a PCR home test kit because you’ve been in contact with people with confirmed COVID-19 cases:
Source: Twitter
Content
The bogus NHS link leads to a fake UK government website entitled “Tests available”. You will have to enter credit card information to pay for the PCR testing kit. Again, these credentials will end up in the scammers’ hands!
1. After you’ve pinned the Trend Micro Check browser extension, it will block dangerous sites for you automatically:
2. Trend Micro Check on WhatsApp:
Send links or screenshots of suspicious text messages to Trend Micro Check on WhatsApp for immediate scam detection:
Download Trend Micro Maximum Security for even more protection, including Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection. Gain access to the Privacy Scanner for Facebook and Twitter, Social Networking Protection, and Parental Controls, too. Click the buttons below to give them a try:
Did you successfully spot the scams? Remember, always CHECK before giving out personal information.
If you found this article helpful, please SHARE to protect your friends and family!