Posts

  • The 2020 COVID-19 holiday season is upon us. This year, consumers should be on the lookout for job scamsgiving scamsgrandparent scams and online shopping scams, to name a few.  
  • If anyone comes across an unknown message regarding the COVID-19 holiday season, they should ignore it and go directly back to the source to confirm the message’s legitimacy. 
  • People should take steps to protect their personal information when shopping online, taking part in holiday gatherings (both in person or via a video platform), at the gas pump, and when receiving electronic gifts. 
  • To learn more, contact the Identity Theft Resource Center toll-free at 888.400.5530 or via live-chat on the company website.  

COVID-19 has changed the way people live. Many people are working from home, there are restrictions on what people can do in public, and many businesses remain shut down or open at a limited capacity. It has also changed the way scammers attack consumers. 

The 2020 holiday season will also be much different than year’s past. According to IBM’s latest U.S. Retail Index Report, COVID-19 has accelerated the shift away from physical stores to digital shopping by roughly five years. 

Criminals may adopt new tactics to take advantage of the pandemic, but what will not be different is scammers’ and identity thieves’ ability to find ways to strike.  

Watch for COVID-19 Holiday Scams   

Here are some scams to watch for this COVID-19 holiday season. 

1. Job Scams – Much of the economy remains shut down or open in a limited capacity. Millions of people are looking to gig economy jobs like Uber, Lyft and DoorDash to get by. People could rely on gig economy jobs even more during the holidays to make extra cash. The Federal Trade Commission (FTC) reported losses of $134 million in 2019 to social media scams.

In the first half of 2020, the FTC already reported $117 million, with most scams coming from viewing an ad. Scammers may claim in advertisements that they can get shoppers access to premium jobs for the holidays with big tips in exchange for an upfront fee. Gig economy scams can also lead consumers to phishing websites that steal login credentials. 

2. Giving Scams – People typically give more to charities around the holiday season. However, with more families in need of help in 2020, we may see an even bigger increase in people making donations. Expect criminals to attack with giving scams, looking to steal people’s money and personal information. In fact, scammers have used giving scams to take advantage of people since the beginning of the pandemic.  

3. Grandparent Scams – Another popular holiday scam is the grandparent scam. A grandparent scam is where scammers claim a family member is in trouble and needs help. With the holidays here, scammers could pose as sick family members. 

4. Online Shopping Scams – Many more people will be shopping online this holiday season. According to the Better Business Bureau (BBB), 65 percent of people shopped online last year. This year, online shopping is expected to increase by 10 percent to 75 percent. With the increase in web traffic, consumers should be wary of messages claiming they have been locked out of their accounts. Scammers may send phishing emails making such claims while looking to steal usernames, passwords and account information.  

How to Protect Yourself from COVID-19 Holiday Scams 

While scammers will try to trick consumers, there are things people can do to protect themselves from a COVID-19 holiday scam. 

  • If someone comes across an ad for a job or a deal online that seems too good to be true, it probably is. Consumers should go back to the source directly by contacting the company to confirm the message’s validity. 
  • If someone receives an email, text message or phone call they are not expecting, ignore it. If any of the messages contain links, attachments or files, do not click or download them because they could have malware designed to steal people’s personal information or lead to a phishing attack. Again, consumers should reach out directly to who the caller, email sender or text message sender claimed to be or the company they claimed to be with.  
  • People should only donate to legitimate charities and organizations registered with their state.   Consumers can determine if a charity, non-profit or company is legitimate by searching for the charity’s charitable registration information on the Secretary of State’s website, looking for online reviews and Googling the entity with the word “scam” after it. 
  • No one should ever make a payment over the phone to someone they do not know or were not expecting to hear from. Scammers will try to trick people with robocalls to steal their sensitive information and commit identity theft. 

How to Protect Your Personally Identifiable Information (PII) This Holiday Season 

Identity Thieves will try different ways to steal people’s PII. It is crucial consumers can protect their PII during the holidays, and year-round, to make sure it does not end up in the hands of a criminal.  

1. At the Pump – More people will travel by car this year than usual. Travelers on the road should keep an eye out for gas station skimmers. Skimmers insert a thin film into the card reader or use a Bluetooth device at a gas pump to steals the card’s information that allows the thief to misuse the payment card account. If the pump looks tampered with, pay inside. Newer gas pumps use contactless technology and chipped payment cards that are very secure. Use those pumps if possible.  

2. Holiday Gatherings – It is always important to protect all personal information at holiday gatherings. While no one ever imagines a trusted friend or family member will go through their stuff, people fall victim every year. Keep wallets or purses with financial cards or I.D. cards within reach.  

3. Zoom and Other Online Video Platforms – Not all family gatherings will be in person in 2020 due to COVID-19. Some families will meet virtually via a video platform. When people use a video platform, it’s important they remember to secure the call by using strict privacy settings and not sharing any personal information with someone they don’t know.  

4. Shopping Online – With more people shopping online for the 2020 holiday season, people need to practice good cyber hygiene. Make sure to navigate directly to a retailer’s website rather than click on a link in an ad, email, text or social media post. Phishing schemes are very sophisticated these days and spotting a spoofed website of well-known and local brands can be difficult even for trained cybersecurity professionals. 

Consumers will still need to do their due diligence to ensure a business website is legitimate. There is inherently less risk of falling for a scam website by shopping at well-known retailers. It only takes a bit of homework to separate the scams from legitimate small online businesses. Using search terms like “Scam” or “Complaints” along with the website or company name can give people insight into the experience of other customers. 

When setting up a new online account, be sure to use multi-factor authentication. Multi-factor authentication creates a second layer of security to reduce the risk of a criminal taking over someone’s account. 

5. Electronic Gifts – With the advent of smart home devices, many gifts connect to the internet, presenting security risks. It is important consumers update the software on the device. It is also a good idea to have antivirus software installed on any computer, tablet or internet device if possible, along with a secure password on the home network router.  

For more information on how to stay safe during the COVID-19 holiday season contact the Identity Theft Resource Center toll-free at 888.400.5530 or live-chat with an identity theft advisor at no-cost.

For access to more resources, download the ITRC’s free ID Theft Help app.  


COVID-19 Could Lead to Increase in Travel Loyalty Account Takeover

Travel Safe with These Cybersecurity Protection Tips

Mystery Shopper Scams Resurface during COVID-19

With some businesses opening back up after temporarily closing due to the COVID-19 pandemic, scammers are trying to capitalize using online job scams to steal people’s personal information.

Recently, Scripps Health found hackers exploiting job seekers through phishing emails with Scripps Health-themed “lures.” Scripps sent the following email to warn their community members:

Image provided to the Identity Theft Resource Center by public

ATA Engineering, another San Diego-based company, reports they also are seeing similar-type online job scams.

The Identity Theft Resource Center (ITRC) has seen a rise in victims contacting the organization about online job scams, including phishing emails. Some of the particular job scams reported to the ITRC include ones from Indeed, Zip Recruiter, and Facebook. The ITRC has had more than 40 victims reach out about online job scams the last three months.

Who Is It Targeting

People looking for work amist the COVID-19 pandemic

What Is It

Either a fake listing posted on a job board or a phishing email, robocall, social media message, or text message looking for a response.

What Are They After

While scammers attack in different ways, they are all looking for one thing: personal information. They hope they can trick people who are desperate or vulnerable into giving up sensitive data like usernames and passwords, financial data, or Social Security numbers. Once scammers have that information, they can commit many different forms of identity theft.

How You Can Avoid It

  • Never click on a link or open an attachment from an email you are not expecting. Instead, go directly to the source to verify the validity of the message.
  • Review all emails and websites carefully to make sure there are no suspicious addresses, subject lines or URLs.
  • Be careful about how much personal data you share, at least during the application process. Do not turn over information like your Social Security number until you are hired.
  • Make sure you have the job, and it is legitimate, before giving away financial information like a bank account number or routing number for direct depositing of paychecks.

If you think you may have fallen victim to an online job scam, you can call the ITRC toll-free at 888.400.5530. You can also live-chat with an expert advisor on the company website.


Read more of our latest articles below

Mystery shopping has been around for a long time. Mystery shoppers help businesses, retailers and restaurants get information on the quality of their stores in exchange for money. In the past, scammers have found ways to turn the service into a mystery shopper scam, also known as a secret shopper scam. These scams are resurfacing during the coronavirus due to over 45 million people filing for unemployment and looking for some extra cash.

There are different forms of mystery shopper scams. One popular version of the scam is when scammers pose as retailers looking to lure people into being secret shoppers. They ask victims to pay for their products or training and then take off with their money. Fraudsters will also steal a victim’s personally identifiable information (PII) from the application they filled out and commit identity theft.

Another version of the mystery shopper scam includes fake checks. In this scam, the victim signs up to become a secret shopper through an online form – potentially giving away sensitive PII like Social Security numbers, date of birth and address. Then the victim is sent a check in the mail to use to secretly shop at a store. Once the check is posted to their bank account, the victim begins to shop as instructed. In some instances, the victim is told to buy reloadable cards and send pictures of them and their PIN card numbers from the back. Once the bank finds out the check is fake, the victim is on the hook for all of the money that they spent plus bank fees. This particular version of the scam lures victims in with a fake check, like the one pictured below that was sent to the Identity Theft Resource Center (ITRC) from a mystery shopper scam victim:

At first glance the check appears to be legitimate. However, while the check says it is to PNC bank, the routing number is for HSBC. Hanover Insurance Company also has a notice on their website about fraudulent checks.

The ITRC was also sent this letter that went along with the check:

While the letter also seems legitimate at first glance, the company listed is Assign Retailer Metrics Inc. instead of Hanover Insurance Company. The letter also asks people to take pictures of the card numbers and scratched PIN numbers and email them to a Gmail account instead of a company account. These are just a few signs that prove this is a secret shopper scam.

Mystery shoppers can be very effective for retailers because the secret shopper can buy whatever the retailer wants them to buy and then report back their experience. However, it can leave consumers looking for a way to make a little extra money in the difficult economy vulnerable to being taken advantage of by ne’er-do-wells. There are things people can do to reduce their risk of falling for a mystery shopper scam.

To avoid these types of scams, people should:

  • Never pay to be a mystery shopper – don’t wire money or  send a “deposit” via PayPal, Venmo, or Zelle
  • Do NOT give out PII on an application
  • Be wary if offered a lot of money for a simple task
  • Cash the check at an issuing bank or wait until the money has not just posted but cleared the other account; if the check is not good, the victim can return the cash into their account

There are also things people can do to spot a legitimate mystery shopping opportunity. People should:

  • Do their research on legitimate opportunities; search the internet for reviews and comments on mystery shopping jobs
  • Remember they are paid to be a mystery shopper (typically after the task is completed); they do not have to pay to do it

Anyone who believes they are a victim of a mystery shopper scam can live-chat with an ITRC expert advisor or call toll-free at 888.400.5530. Advisors will guide victims on the next steps they need to take.


You might also like…

Identity Theft Resource Center Announces Change to Board of Directors

Google Alert Scam Sends Fake Data Breach Notifications Embedded With Malware

Hackers Take Advantage of COVID-19 Closures to Launch Claire’s Data Breach