The recent COVID-19 pandemic has encouraged cyber criminals to take advantage of very hectic and stressful times. Cyber criminals have increased targeting using text messages, email phishing scams, electronic distribution of malware, and illegitimate websites by leveraging people’s fears and need for information relevant to the disease as well as government stimulus money.
 
Key Points

• There has been an uptick in fraud related to COVID-19
• Scammers, among other things, have taken advantage of news about financial assistance and unemployment benefits during the economic disruption
• Bad actors are seeking your login information for social media, Netflix and other streaming services

Government agencies, like the IRS, the Federal Trade Commission, Social Security Administration, and State Unemployment offices are warning people to be vigilant as fraudsters have aggressively increased scamming individuals. Scam artists have successfully used people’s private information to wrongly collect unemployment benefits, commit tax fraud, or steal money from financial accounts.
 
With many states rushing to pay unemployment claims, payments have gone straight to accounts through direct deposit. One state agency tasked with managing unemployment claims began realizing the extent of the problem in recent days when still-employed people called to question why they had received confirmation paperwork in the mail, all possible because social security numbers were obtained from past cyberattacks. 
 
Beware of fraudsters posing as state unemployment officials asking for unemployment insurance overpayments to be paid back by credit card or gift card. Government agencies will never request credit card or gift card payments over the phone.
 
Scam artists entice unsuspecting victims accessing email when using a personal computer or mobile device, to click on malicious hyperlinks which can be used to remotely install malware, or potentially harvest user account credentials by installing key-loggers. 
 
Nearly 13,000 email messages are blocked per day targeted for Essex associate email inboxes. Your vigilance to ongoing cyberattacks will make it more difficult for cybercriminals to attain your private information.
 
How to Protect Yourself from Cyberattacks

• Hang up on robocalls. Ignore online offers for vaccinations and home test kits. The Federal Drug Administration hasn’t approved any products to treat COVID-19.
• Protect your private information. The government will not call to ask for your Social Security number, bank account or credit card number.
• Never wire money to someone you don’t know through gift card, money transfer, Venmo or PayPal or by any other means.
• Don’t click on links from sources you don’t know. Don’t respond to texts and e-mails about checks from the government.

• Never click on links in emails. If you do think the email is legitimate, go to the site and log on directly. Whatever notification or service offering was referenced in the email, if valid, will be available via regular log on.
• Never click on links in text message. Delete the message and just do not respond. 
• Never open attachments. Typically, retailers will not send emails with attachments. If there is any doubt, contact the retailer directly by typing their web address in your browser. 
• Do not give out personal information over the phone, in a text message, or an email unless completely sure. Social engineering is a process of deceiving individuals into providing personal information to seemingly trusted agents who turn out to be malicious actors. Ask a caller to provide you their name and a call-back number. Just because they may have some of your information does not mean they are legitimate!

 Other practical tips to protect yourself from cyberattacks:

• Set secure personal passwords and don't share them with anyone. Avoid using common words, phrases, or personal information, and update regularly. DO USE long combination of letters (upper-case and lower-case), numbers, and symbols; 11 characters or more is ideal.
• Keep your operating system, browser, anti-virus, and other critical software up to date. Security updates and patches are available for free from major companies.
• Verify the authenticity of requests from companies or individuals by contacting them directly. If you are asked to provide personal information via email, you can independently contact the company directly to verify this request.
• Pay close attention to website URLs for sites you visit. Malicious websites sometimes use a variation in common spelling or a different domain (for example, .com instead of .net) to deceive unsuspecting computer users.
• For email, turn off the option to automatically download attachments.