Beware of coronavirus stimulus check scams
5/1/2020 — Now more than ever, it is Westerra's priority to ensure that our members are well equipped with essential resources and education regarding COVID-19 stimulus check scams. As the federal government begins to send out checks to tens of millions of Americans, part of the Coronavirus Aid, Relief, and Economic Security (CARES) Act, scammers are looking for ways to deceive individuals.
Examples of fraud:
Check Fraud: The fraudster may send the victim a check for a larger amount and request that the victim return the remaining funds.
Voice/Email Phishing: Scammers may call, text or email an individual and ask if they would like to receive their stimulus check sooner than their projected date. Victims may verify and "confirm" their personal information with the fraudster, thus compromising their identity.
Call Spoofing: Incoming calls from the IRS pertaining to their stimulus check. Please keep in mind that the IRS will not reach out to you in regard to your stimulus check.
What you should know:
The IRS will not call, email or text you to verify or request your financial, banking or personal information.
Watch out for websites and social media attempts to request money or personal information. The official website is https://www.irs.gov/.
Don't open surprise emails that look like they're coming from the IRS or click on attachments or links.
Taxpayers should not provide personal or financial information or engage with potential scammers online or over the phone.
Forward suspicious emails to firstname.lastname@example.org, then delete.
Go to IRS.gov for the most up-to-date information.
Here are some additional sites with more information on stimulus checks and scams:
Westerra is here to support our members and our community during these uncertain times. We want to ensure that you feel confident that we are here to protect you and your funds. Please feel free to reach out to Westerra's fraud team if you have any questions or concerns.
Beware of coronavirus scams
3/19/2020 — The coronavirus (COVID-19) pandemic has been a windfall for fraudsters as they exploit the global thirst for knowledge on the virus. Fraudsters have launched coronavirus-themed phishing attacks to deliver malware — typically credential-stealing banking Trojans. The phishing emails purport to be from the Centers for Disease Control (CDC) and the World Health Organization (WHO). The WHO posted an article on its website warning users of this scam. We want our members to be aware of these scams.
Fraudsters have also exploited Johns Hopkins University’s interactive coronavirus dashboard containing an interactive map that tracks coronavirus statistics by region. Cybersecurity firms have identified several fake coronavirus interactive maps that infect user devices with credential-stealing malware. Fraudsters are circulating links to these malicious websites containing coronavirus maps through social media and phishing emails.
Security blogger Brian Krebs reported several Russian cybercrime forums started selling infection kits that exploit Johns Hopkins University’s interactive coronavirus dashboard as part of a Java-based malware deployment scheme.
There have also been reports of other coronavirus-themed phishing campaigns aiming to spread malware, including:
Coronavirus advice-themed phishing emails purporting to provide advice on how to protect against the virus. The emails might claim to be from medical experts near Wuhan, China, where the coronavirus started.
Workplace policy-themed phishing emails about the coronavirus pandemic targeting an organization’s employees. For example, the emails may purport to come from the organization’s HR department alerting employees to a new pandemic policy.