Cybercriminals are taking full advantage of the concerns and panic around Covid-19, making use of phishing emails to get people to either click on a link in an email and disclose their personal login credentials or banking details and card information, or open a malicious attachment they believe to contain Covid-19 information. They are also luring clients to access fake websites, which results in malware being downloaded on their devices with information-stealing software.
While people across the globe are beginning to restrict their movements, spammers and phishers are out in full force and are taking advantage of the online demand for information about the pandemic.
Some scams could include the following:
- Fake Covid-19 infection-tracking or information websites.
- Fake adverts selling masks, hand sanitisers, etc – once you pay for the products, you never receive them.
- Fake emails from the government saying that you need to insert your banking details on a link to access free funding.
- Fake emails claiming to contain information about a cure for Covid-19.
We would like to give you the following tips:
- Make us of reputable sources for information on Covid-19 such as the Covid-19 South African Online Portal https://sacoronavirus.co.za. Don’t get hooked or spooked by fake news.
- Do not blindly accept the content of unsolicited emails or SMSs as being the truth. If an email or text message makes you feel anxious, fearful, or curious, or it sounds too good to be true, rather follow your gut feel, stop and verify before clicking on anything. Verify the sender’s details through their website, before contacting them to confirm the legitimacy of a message.
- Regard urgent security alerts, offers or deals as warning signs of a hacking attempt.
- Never disclose your Nedbank ID, profile, PIN and password or card and PIN details to anyone as these are used for downloading the Money app on your mobile device. Should you compromise your details to a third party, they will be able to download the app as if they were you.
- Beware of any attachments that end in .exe, .cab, .htm or .jar. These attachments often contain malicious software.
- Hover your mouse over hyperlinks to validate the website address (URL) before you click on it. If you long-press on a hyperlink on your mobile device, it should also reveal the underlying website address.
- Make sure that you have up-to-date antivirus software installed on all your devices and install the latest updates or patches to your operating system as soon as they are available.
This can prevent criminals from exploiting security vulnerabilities on your devices. Just as you would avoid touching objects and surfaces that may not be clean, so you should also avoid opening emails and text messages from unknown parties or visiting untrusted websites.
Report suspicious emails to email@example.com and delete them immediately.
When buying online:
- Only use secure and trusted shopping sites. Look for the lock image in the toolbar and an ‘https’ in the web address, before entering your card or other personal information on any site.
- Do a Google search for any warnings from people who have used the site before.
- Type in web addresses rather than clicking on links.
- Don’t do your online shopping on public Wi-Fi or unsecure networks, as fraudsters can easily intercept your connection and get hold of your usernames and passwords.
- Use secure payment systems like PayPal or consider using one card for online purchases only.