Beware of fake Centers for Disease Control and Prevention (CDC) emails

In this special edition of Tom’s Tek Tips, we will focus on risk. With the current situation related to COVID-19 there are a host of scammers trying to take advantage of people and the situation. Some old tricks, some new. My hope is that these tips will keep you cyber safe during these unprecedented times.  

Beware of fake Centers for Disease Control and Prevention (CDC) emails. Scammers and criminals have been sending out fake CDC emails and other organizations claiming to offer information on the virus. Do not click links or open attachments if you do not recognize the senderScammers and Fraudsters can use links in emails to deliver malware to your computer to steal personal information or to lock your computer (Ransomware) and demand payment. If you need information from the CDC the best thing to do is go to https://www.cdc.gov/ directly.  

Report Spam Emails to Your Company’s IT Department

If you receive an email that seems suspicious, like an email phishing attempt asking for login credentials, in your work email inbox, you should report this email to your IT department using your company’s protocol. If you are receiving spam or phishing emails like this, it is likely other employees at your company might be as well. Reporting these emails to your IT department is the best way to keep everyone informed of potential scams and to protect the company from malware.

Regularly Review Your Credit Card Statement and Credit Report

Monitoring your credit card activity is the best way for you to catch potential fraud as early as possible, which can make it easier for you to report and resolve the issue. I recommend reviewing your credit card activity once a week to verify your transactions and checking your credit score once a month to monitor any suspicious changes in your score. Most banks offer a FICO score update on their online banking platform, and you can get free credit score updates from Credit Karma. If you do see any suspicious activity, freezing your credit is the most effective way to protect your personal credit information from cybercriminals.

Protect Your Personal Information on Social Media

Many social media platforms will automatically set your profile — and therefore all the information on your profile — to public. Check your privacy settings on your social media accounts to make sure you’re showing the very minimum about yourself to the public, especially on Facebook. Avoid adding other personal information, such as your home address, birthdate or phone number wherever possible.

Secure Your Mobile Device

Cybercriminals are getting better at targeting mobile devices using malware. That’s why it’s important for us to secure our mobile devices as best we can. That means using strong passwords and biometric features wherever possible. You should also turn off your Bluetooth whenever you’re not using it. If you have an iPhone or iPad, make sure that you set AirDrop to “Contacts Only” when asking someone to share a file with you, and turn it back off when you’re done.

Why Software Updates are Vital

Though it can be annoying to have to restart your device to install a system update, it’s much better than the alternative: leaving your computer or mobile device vulnerable to attack. In fact, the notorious WannaCry ransomware attack targeted computers that had not been updated to the latest version of Windows. Regularly updating your software is the easiest way to make sure you are protected from known software vulnerabilities.

How to Avoid Fake Retail Websites

You can verify the validity of an online retailer with a quick Google search, to see if there are any scams associated with the website. You can also plug the URL into Whois, which provides information about the site owner and how long the domain has existed. If the domain hasn’t been around for very long, this is typically a sign the website is fake.

Only Use Trusted Payment Methods Online

Phishing scams will often use bizarre payment methods, such as money orders, wire transfers or pre-loaded gift cards. These methods make it harder to trace the recipient and nearly impossible to get your money back. Make sure you’re using encrypted websites when inputting any payment information. Digital wallet options like Apple Pay, Android Pay and Samsung Pay also offer secure transactions via tokenization.

Press the Call Button on Your Smartphone to Redial Last Call

Here’s a tip that a lot of folks forget about now that we use smartphones more than landlines. Your phone keeps the last number dialed available so you can easily call them back. In both iOS and Android, you can press the call button in the phone app for a quick call-back feature. This is great in dead spots when calls drop, when you get a busy signal or when you are on a conference call.