Learn how to spot scams related to COVID-19

Scams that play on fears related to the novel coronavirus are on the rise. Here’s what you need to know to help protect yourself.

Tags: Cybersecurity, Fraud protection, Scams
Published: March 13, 2020

At a time when information is changing by the day, cyber criminals are capitalizing on the public’s desire to learn more about COVID-19, leading to an increased risk of financial scams.

Some of the latest scams to emerge are phishing emails which use the likeness of agencies like the Centers for Disease Control and Prevention (CDC) Health Alert Network or World Health Organization (WHO) and claim to provide a list of local active infections, safety guidelines and/or medical supplies.

Other new scams are centered on the possibility of receiving financial assistance from the government

Help to protect yourself from these scams by following these pointers.

Tips to stay safe from phishing

  • Be cautious of anyone attempting to prey on your emotions by using fear or threatening messages. Emails that contain urgent-sounding messages like “COVID-19: New case confirmed in your city” can make you believe you need to act quickly. This is a common tactic of phishers and could indicate an attempt to gain access to your information, particularly if sent from an unknown company or a source to which you haven’t subscribed.
  • Take special note of emails containing links. Clicking a link in a phishing email may direct you to a fraudulent site – or worse, install malware on your device. Be sure to fully examine the message and sender before opening any included links or other content.
  • Watch for misspelled words. Phishing emails often contain bad grammar and misspelled words, occasionally misspelling the name of the company they’re attempting to imitate – for example using "usbanks" instead of "U.S. Bank." 
  • Don’t provide confidential information. Never respond to requests for personal information unless you initiated the conversation. If you bank with U.S. Bank, we will never ask you to provide confidential information (your account number, Social Security number, password, a one-time passcode, etc.) in emails.
  • Remember that cyber criminals can try to reach you via text messages too. All of the email tips mentioned in this list also apply to unsolicited text messages that you might receive. Watch for messages that contain pushy tactics or use bad grammar and misspelled words.
  • Watch for attempts to impersonate your employer’s leadership. Phishers have also been known to impersonate leaders, managers or executives within organizations to increase the chance of an employee believing the email is legitimate and increase the likelihood that they’ll respond or click on links. Phishers will also use this tactic to try and get more organizational information (names, titles, emails, etc. within your reporting structure). Use the tips above to help spot these kinds of attempts.
  • Be aware that a secure or encrypted website doesn't mean it's legitimate.  If you visit a website where the URL begins with "https://" you may see a message in your browser or on the web page indicating that the website is secure or encrypted. But that doesn't mean that the site is trustworthy or legitimate. It just means that data is being encrypted in transit. 

Learn more about protecting yourself against COVID-19 related scams

Here are some additional resources with tips and info to help you avoid coronavirus scams: 

If you think you may have fallen victim to one of these scams, be sure to contact customer support as soon as possible.

Learn more about what U.S. Bank is doing to help those affected by COVID-19.