As we all continue to do our best to shelter in place, our coronavirus article series continues with these tips to keep you, your bank account, and your PC as safe as possible.
A New Era for Old Scams
The following are all recently devised variations on more shopworn efforts to try and part you from your money or property. With some protective measures, you can successfully stay safe.
Early registration for vaccine. There have been reports of people going door to door in neighborhoods pretending to offer early sign-up for a nonexistent coronavirus vaccine. Sometimes folks are asked to give personal information, other times pay an up-front fee. There are far less frequent reports of perpetrators trying to sweet-talk their way into homes in order to steal property.
There currently is no federal, state, or local government body offering early registration for a coronavirus vaccine, and you should not open your door or interact with anyone claiming to be from such an agency.
Fraudulent billing calls. Another virus-related scam that has emerged recently is someone pretending to be a doctor or medical billing professional calling and asking for medical bill payment on behalf of a relative. For starters, never give bank account or credit card information over the phone.
Except in extremely rare and specific cases, know that hospitals and clinics do not call the loved ones of patients regarding unpaid medical bills. If you have personally been to the doctor, always independently verify with an outbound call to your doctor or hospital whether there are legitimate outstanding medical bills due.
Emails pretending to be from the WHO or the CDC. Scammers have been sending emails that seem like they are from legitimate health organizations, a variation on an older phishing scheme that sends communication appearing to be from your bank. Inevitably these scams ask for login credentials and/or banking information.
All correspondence from seemingly legitimate institutions should trigger you to carefully scrutinize the sender’s email address. This goes especially for any organization that is asking for personal data of any kind. Avoid clicking on attachments or replying to anything that you have not independently verified by searching online for the actual organization’s website link structure.
Increased Cyberthreats
As schools shutter and home education continues to flourish, cybercriminals see increased opportunity. This is partly because the sheer number of computer users online is good for phishing odds. It also helps that infrequent users who have previously not given much thought to online security are now signing in and spending lots of time exposed online, trying to educate their children with remote-learning software and other unfamiliar tools.
The increase in cybercrime doesn’t bode well for the many Windows 7 users who were recently dropped from receiving Microsoft’s critical security updates.
From a business perspective, as companies switch to staff working from home—also referred to as a distributed workforce—the increased decentralization can lead to security problems your office’s old IT department used to thwart with a centralized firewall. Cybercriminals are keenly aware of this, and ramping up attacks in home environments. Many at-home workers use work and personal devices interchangeably, which makes them a favorite target right now.
It is therefore more important than ever to:
- Have real-time AV protection such as System Shield
- Install Malware Killer on-demand malware remover in case your PC does become infected
- Run Malware Killer scans regularly to look for new threats
More Credit Card Fraud
Identity and credit card theft are also on the rise. Reports of fraudulent credit card charges—often in the hundreds of dollars for basic supplies like bathroom tissue—have skyrocketed. Do everything you can to protect your cards when making online purchases. ByePass is a secure password and credit card manager that sees to it you never have to store your passwords or card information in your web browser, where it can be easily hacked.
ByePass locally encrypts your passwords and credit card info in one stored place, calling them up to autofill login info only when you need them. ByePass is available as a standalone browser extension and Android/iOS mobile app, as well as one of the features within System Mechanic Ultimate Defense.
Hacker’s Delight: Video Calls
Video conferencing apps like Zoom, Google Hangouts, Houseparty, Skype, and WebEx have seen an explosion in their usage since the arrival of the coronavirus. Unfortunately, thousands of personal videos have been left viewable on the open web, raising a relatively new privacy risk to millions of people who are using these apps for the first time.
The recent Zoom hacks revealed personal information and intimate at-home conversations. The Washington Post reported that among these were “one-on-one therapy sessions; a training orientation for workers doing telehealth calls that included people’s names and phone numbers; small-business meetings that included private company financial statements; and elementary school classes, in which children’s faces, voices and personal details were exposed.”
How did this happen? Video conferences are almost always not recorded by default, but hosts can often choose to record them and save to online servers or their own computers without participants’ consent. In Zoom’s case, many of the videos appear to have been recorded through Zoom but saved onto separate online storage, without a password. Here are steps you can take to help secure your online video calls:
- Don’t record. The easiest way to protect your videos as a host is to avoid recording them.
- Give each video a unique name. Zoom gives a video a highly predictable name by default. When saving a video to your computer, rename it so a stranger cannot guess it and search for it through one of the free search engines that scans open web directories.
- Make your upload sites private. Dedicate a favorite online file-storage site to your video calls, and set it to private viewing-only. Amazon, YouTube, Dropbox, and Vimeo all allow you to password-protect your content.
- Limit Meeting ID-sharing. Rather than sharing publicly, send your Zoom Meeting ID directly to the people who are to attend the call.
- Password-protect the call. Only share the password with the people attending.
- Set screen sharing to Host Only. This precaution prevents “Zoombombing” trolls from blasting disruptive texts or images to meeting participants.
- Approve each entrant. Zoom has a waiting room feature that keeps participants from joining the meeting until the host approves.
This article is part of a series on safeguarding and getting the most out of technology during the coronavirus.
To read tips on getting the most out of working from home, click here.
To achieve faster internet for smoother browsing, streaming and gaming, click here.
To learn how to safely disinfect phones, PCs and other devices, click here.