Coronavirus Scams

As the COVID-19 pandemic continues to impact the United States, consumers should remain vigilant to the scams that prey on virus-related fears. If you receive calls, emails, or other communications offering COVID-19 related grants or stimulus payments in exchange for personal financial information, or an advance fee, or charge of any kind, including the purchase of gift cards, please do not respond. These are scams. Check out these important resources:

COVID-19 Phishing

FinCEN and U.S. law enforcement have observed significant increases in phishing campaigns that attempt to lure healthcare and pharmaceutical providers, with offers of COVID-19 information and supplies. Phishing scams target individuals with communications appearing to come from legitimate sources to collect victims’ personal and financial data and potentially infect their devices by convincing the target to download malicious programs. Cybercriminals usually send these phishing communications by email but may also use phone calls or text messages. Be cautious when receiving unsolicited communications.

IRS Tax Refund Scam

The IRS has discovered a new twist on the IRS Tax Refund scam that is utilizing the victims’ own bank accounts. Cybercriminals steal data to file fraudulent tax returns. Here’s the twist: The fraudulent tax returns are deposited in the victim’s own bank account. The criminals pose as a debt collection agency and contact the victim to say a refund has been mistakenly deposited into their account and ask the taxpayers to forward the money to the fraudsters. Take the following steps if you receive a direct deposit refund you did not request:

  1. Contact the bank/financial institution where the direct deposit was received and have them return the refund to the IRS.
  2. Call the IRS toll-free at 800-829-1040 (individual) or 800-829-4933 (business) to explain why the direct deposit is being returned.
  3. Keep in mind interest may accrue on the mistaken refund.
  4. Review the IRS information: the Taxpayer Guide to Identity Theft.

Remote Software Vulnerabilities

Cybercriminals and malicious state actors are targeting vulnerabilities in online remote login tools and virtual meeting environments to steal sensitive information, compromise financial activity, and disrupt business operations. Many criminals are forging online identity verification processes. Keep your login information secure and beware of suspicious scenarios.