“Free” Covid-19 Testing Is the Next Phishing Scheme

Next Phishing Scheme

Hackers and scammers have ramped up their operations over the past few months, likely in an attempt to take advantage of the chaos related to COVID-19.

Several new scams and phishing schemes promise information on free COVID-19 testing. One popular variety uses tests to pressure consumers into handing over personal health information.

Here is how scammers are using COVID-19 to drive the latest phishing schemes — plus some simple tips you can use to identify and avoid coronavirus scams and find genuine covid testing near me that will provide you with the service you are seeking:

How Hackers Are Using COVID-19 Testing to Scam Consumers?

Both the FCC and FBI have released warnings telling consumers to be aware of “health care fraud schemes related to the COVID-19 pandemic.”

The details vary from scheme to scheme, but the overall structure of the scam is usually the same. Individuals contact consumers and offer free COVID-19 testing using emails, phone calls or text messages. These scammers will then ask you for personal health information — including your Medicare or Medicaid number — if you ask for testing. This information will then be used to bill federal health programs for COVID tests the consumer didn’t receive.

The scammer will then collect the insurance payout and possibly sell the health information on the dark web.

Some scammers may also ask for personal information or financial details. One version of the scam directs targets to a malicious website designed to look like an official IRS page. The site requests information like date of birth, Social Security number and filing status to “prove your identity” before offering details on testing. This information will likely be collected and sold  or used for identity theft.

While most of these scams are fairly simple, others are more advanced. The FTC recently released a warning about fake COVID-19 testing sites. They may appear legitimate — with “tents, hazmat suits and realistic-looking tests” — but are designed to collect personal information and credit card numbers.

If you want to know if a local testing site is legitimate, ask your doctor or visit your state’s health department website. Both can provide a referral to an authorized facility.

Other Coronavirus Scams Are on The Rise

It’s not just testing. Scammers are using a variety of coronavirus scams to take advantage of consumers. Some may promise a cure, vaccine or treatment for the virus, while others may demand you pay for testing a friend or family member supposedly received.

Other scammers may claim to represent a charity that provides services for people sick with COVID-19 or COVID research. These sham charities may have legitimate-looking websites, but they aren’t actual nonprofits. Instead, they simply pocket the donations they receive.

Many scammers also claim to be part of contact tracing or public health initiatives. These scammers will claim to need personal or financial information to identify you and establish who you’ve had contact with. These people are mimicking government contract tracers, who will never ask for personal or identifying information. However, they may ask for the names and phone numbers of people you’ve come into contact with in the past 14 days.

How to Avoid a Coronavirus Scam?

Brushing up on your cybersecurity knowledge or investing in business cybersecurity can help keep both you and your employees safe from scams.

For example, you can learn the common elements of a phish. A phishing email will often contain tell-tale signs of its illegitimacy — like spelling errors, requests for personal information and demands for an urgent response. Only click on links from trusted sources and avoid those with suspicious-looking URLs. If you’re ever in doubt about an email, you can call the sending company to find out if it is legitimate.

Following the news and staying on top of the latest scams will also help you know what threats are out there and give you a better chance at avoiding these schemes.

Right now, there is no cure for the coronavirus, and any person who says they have one is trying to sell you a fake vaccine or treatment, or steal your data. You should ignore these offers and not provide them with any personal information.

Be cautious if an unknown caller tries to pressure you into making a payment or sharing personal information on the spot. Don’t pick up the phone for numbers you don’t recognize.

Research any charity before donating, and look for signs that it is legitimate. For example, you can use the IRS’s nonprofit database to see if a charity is formally registered.

Be wary of any call, letter or email asking for payment for treatment you haven’t received. You should also make sure you aren’t falsely billed. If you think you’ve been charged for testing incorrectly, contact your insurance provider.

Be Aware of These COVID Scams

Scammers are launching new schemes that take advantage of the chaos related to the coronavirus. The details of these scams will vary — but in general, criminals are looking to steal valuable personal information.

You can avoid these schemes by following good online security practices and staying aware of the latest scams.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.