United States: Scammers Target Remote Workers With Email Phishing Campaigns
To print this article, all you need is to be registered or login on Mondaq.com.
According to a recent USA Today article, the Federal Trade Commission (FTC)
reported that it had received 83,858 fraud reports this
year through August 9th relating to COVID-19 and the economic
stimulus packages. Many of these fraud reports are connected
to email phishing campaigns that target remote, telework or
In one type of phishing campaign, scammers send emails to
workers telling them that their employment is being terminated as a
result of COVID-19 and purports to offer termination package
options. These termination email scams provide clickable links
inviting the employee to attend a teleconference meeting or to
obtain additional information concerning the termination packages.
Instead, these links download malicious software or require the
employee to enter personal information, such as a Social Security
number, in an attempt to steal their identity and ultimately commit
financial fraud that harms the employee. Employees who receive a
suspicious email telling them they are being terminated should
notify their human resources department or other designated person
in the organization.
In another phishing campaign, scammers send emails that purport
to perform COVID-19 contact tracing and ask for money,
credit card information, or Social Security numbers. Legitimate
contact tracers need information about health and contacts, not
money or personal financial information. On its Consumer
Information blog, the FTC offers these tips to avoid
falling prey to a contact tracing scam:
- Don’t pay a contact tracer.
- Don’t give your Social Security number or financial
- Don’t share your immigration status.
- Don’t click on links or download anything sent from a
purported contact tracer.
Employers should consider alerting their workforce about the
heightened risk of phishing scams during the COVID-19 pandemic, and
provide training on how to identify such emails and how to safely
report them. If you are an employer and think your workforce has
been targeted with one of these phishing campaigns, you can report
the suspected activity to the FTC here. For additional information on COVID-19
phishing scams and FTC guidance and tips on how to spot malicious
emails, go to the FTC’s Coronavirus Advice for
To read more on protecting your remote workers, see our article,
Data Security in the “New Normal” of
Teleworking. For guidance on responding to a cybersecurity
incident within the first 24-48 hours, see our Six Tips, which can also be found on the
blog’s Data Incident Response Team tab.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Coronavirus (COVID-19) from United States