Scammers are continuing to use the coronavirus pandemic as cover for schemes to steal personal information and money, the IRS has warned.
According to a statement, the IRS Criminal Investigation unit has seen “a tremendous increase in phishing schemes utilizing emails, letters, texts and links.” The schemes typically use keywords such as "Corona Virus," "COVID-19," and "Stimulus” in phishing email subject lines.
“These schemes are blasted to large numbers of people,” the IRS added.
A scammer might try to get you to pay a fee to get your stimulus payment. Other tactics they may also use include tricking people into giving them their Social Security number, bank account or government benefits debit card account number.
The IRS will never contact you by phone, email, text message, or social media with information about your stimulus payment. Nor will it ask you for your Social Security number, bank account, or government benefits debit card account number.
Cybersecurity firm Check Point software said this week that it is seeing a stimulus payment scam that purports to come from the World Health Organization with the subject line “Stimulus Package for you” promising large sums of money. New IRS scams are popping up as well.
During May, more than 1,200 new Stimulus/Relief package related websites were registered, 3 percent (37) of them were found to be malicious and another 2.5 percent (30) were found to be suspicious, Check Point said.
Secret Service Assistant Director Michael D’Ambrosio testified this week that coronavirus-related fraud could lead to $30 billion in federal relief funds being stolen by criminals.
“We are entering the ‘Post COVID Era’ relative to cybersecurity, meaning the attack volume and vectors are shifting as the attackers are learning new ways to gain malicious access to the public's personal information or finances,” Mark Ostrowski, Head of Engineering, Check Point Office of the CTO, told Fox News.
This follows a report from Check Point in April, where it said new website domain registrations soared in the wake of the $2.2 trillion stimulus package, with nearly 30 percent found to be suspicious out of the 2,000 or so new domains registered in March.
During the week leading up to April 16, Google saw more than 18 million daily malware and phishing emails related to COVID-19 scams on top of the 240 million daily spam messages it sees related to the pandemic.
SCAMS ARE WIDE-RANGING
The IRS pointed to other COVID-19 scams it is seeing, including fake at-home test kits, fake cures, vaccines, pills and advice on unproven treatments for COVID-19.
Another variety tries to sell medical supplies through fake shops, websites, social media accounts and email addresses. In these cases, unsuspecting buyers will never receive the product after paying for it.
Other COVID-19-related scams include fake charities to solicit donations and bogus “opportunities” to invest early in companies working on a vaccine for the disease, the IRS added.