Hackers are getting more clever with social engineering tactics, especially through COVID-related campaigns, putting you and your organization at risk of handing over sensitive data and credentials.
Simply put, social engineering is the non-technical strategy cyber attackers use to manipulate people into giving up confidential information. Instead of exploiting vulnerabilities in an application, they find vulnerabilities within humans.
Even with the most sophisticated security technologies in place, falling victim to social engineering tactics puts your business or yourself at a higher risk of bad actors achieving their goals.
Social engineering is nothing new – however, the pandemic has created a huge surge in people’s reliance on IT, from communicating with family or friends to maintaining productivity at work.
This increased dependency on work-from-home and online footprint has made us a much easier target for social engineering attacks, so it is important now – more than ever before – to be mindful of who we are interacting with over the phone and over the Internet.
Common social engineering hacks that have risen during COVID:
Emails or calls posing as someone in your organization’s IT department which ask you to click a link or provide a two-factor authentication code and bypass multi-factor authentication (MFA) controls.
“Officials” from your local government or healthcare agency, or insurance carrier, who ask for personal information.
Unsolicited requests for account changes or information via email alone.
A few recommendations for you:
Closely inspect any unknown email address to verify it is legitimate before clicking on links or attachments.
Do not provide information about your organization to outside entities without proper authorization.
Double check a request’s legitimacy by calling or contacting the company or internal department directly.
Awareness that social engineering attacks are increasing alone is an instrumental step towards protecting yourself and your organization against a successful cyber attack. If you are suspicious about an email, report it to your IT organization’s staff immediately and don’t answer any calls you are not expecting.
Las Vegas, NV – On April 13, 2020, Nevada Attorney General Aaron D. Ford and U.S. Attorney Nicholas A. Trutanich announced the formation of the Nevada COVID-19 Task Force. The Task Force is comprised of local, state and federal investigators and prosecutors with significant experience in handling complaints and cases related to general fraud, heath care fraud, Medicaid fraud, insurance fraud, workers’ compensation fraud and cybercrime, among others. Together, they will share information and resources to protect Nevadans from those using the COVID-19 pandemic to take advantage of consumers.
All participating agencies will take information, tips and complaints from the public, as well as other local law enforcement agencies seeking the Task Force’s assistance. The Task Force will share resources to monitor, identify and investigate misconduct most effectively and efficiently as possible. “Sadly, it is all too common for fraudsters to take advantage of the public during times of great distress and hardship,” said Attorney General Aaron D. Ford. “From day one, I’ve focused on protecting Nevada families and consumers, and I’m proud that my office continues to be on the front lines of fighting fraud and helping Nevadans in need. With a united front, we’re showing fraudsters they have no business taking advantage of Nevadans.”
“Our top priority is protecting Nevadans during this public health crisis,” said U.S. Attorney Nicholas A. Trutanich. “I am committed to marshalling the full spectrum of capabilities my office and our federal law enforcement partners can bring to support the Task Force’s important mission of protecting our vulnerable populations from fraudsters. I urge citizens to contact the Task Force with information and tips.”
The Nevada Attorney General’s Office and U.S. Attorney’s Office caution residents to be wary of potential scams such as these:
Diagnosis Testing Scams: Scammers offer fake COVID-19 testing kits, particularly door-to-door. Treatment/Cure Scams: Scammers offer fake or unproven treatment regimens that are particularly dangerous because they have the potential to do more harm than good. Charity Scams: Virtually every time there is a disaster or emergency, scammers set up fake charities to solicit donations that they then spend on themselves. Overinflated prices: The Task Force will use every tool available to hold sellers accountable who unlawfully use the COVID-19 pandemic to unreasonably inflate prices. Investment Scams: Scammers make false claims about tests, cures and other matters related to COVID-19 in order to entice victims to make investment decisions based on those false claims that allow the scammer to steal money and assets from Nevadans. Cyber Scams: Scammers send victims emails related to COVID-19 that appear to be from the victims’ banks, health care providers, the World Health Organization, the Centers for Disease Control and Prevention (CDC), and others for the purpose of obtaining the victims’ personal identifying information and exploiting it for the scammers’ own benefit. App Scams: Scammers are creating and manipulating mobile apps designed to track the spread of COVID-19 to insert malware that will compromise users’ devices and personal information. Insurance, Workers’ Compensation and Medicaid Fraud: Businesses and government agencies are not immune to scams. They should also be vigilant to ensure scammers do not take advantage of their businesses or customers during this pandemic. Economic Impact Payments (Stimulus Checks): Scammers pretend to be government officials offering false payments in order to obtain personal identifying information including social security and bank account numbers
Fifteen agencies are a part of this Task Force including:
• Office of the Nevada Attorney General
• U.S. Attorney’s Office
• Federal Bureau of Investigation
• U.S. Secret Service
• Internal Revenue Service – Criminal Investigation
• Drug Enforcement Administration
• U.S. Department of Health and Human Services’ Office of Inspector General
• Department of Veterans Affairs’ Office of Inspector General
• Department of Education Office of Inspector General
• Small Business Administration Office of Inspector General
• U.S. Postal Inspection Service
• Treasury Inspector General for Tax Administration
• Nevada’s Secretary of State’s Office
• Washoe County Sheriff’s Office
• Las Vegas Metropolitan Police Department
If you are in danger or experiencing a true emergency, please call 911. If you have been victimized by any crime related to the COVID-19 pandemic, please report your experience to the Attorney General’s Office (ag.nv.gov/Complaints/File_Complaint/) and the National Center for Disaster Fraud (NCDF) hotline at 1-866-720-5721 or by e-mailing the NCDF at [email protected] In your email, please provide the following information: • Your full name and contact information; • The dates on which you were victimized; • The location of the incident (including city and state); • A brief description of the crime; and • The name(s) and contact information of the perpetrator(s) (if known).
Tips on how to avoid falling victim to these scams: