With the election season winding down, and a new administration announcing plans for the future, there will be another factor that contributes to the uncertainty of our times. (When does the list of uncertainties stop growing, I wonder?)
And again, we find hackers and cybercriminals in a power position to take advantage of our uncertainty of not only what is true, but also who to look for when it comes to dispersing accurate information. This isn’t discrediting any individual or organization, but we can all agree to admit, chaos can prevail in the current climate of COVID-19.
We see this in a recent warning from the Internal Revenue Service to not click on any text messages that you receive which claim to have economic stimulus check information in them. Victims are instructed to provide banking information for the $1200 check to be deposited into. This trick is just another way that online crime is being committed against unsuspecting consumers – the same consumers who are likely vulnerable and looking for assistance during the pandemic.
To confirm, the IRS will never ask you for your banking information via a text or phone call and will not send unsolicited texts and emails that are asking you for personal information. If you receive any of the above, get the contact information for the caller, or close the website and go to the official IRS website to call in and inquire about the request or demand. Remember, hackers can disguise links to look legitimate, but most – if not all, government websites should end in the .gov extension – but that does not always ensure it is safe! This is just a factor that can help to determine legitimacy.
This current scam takes you to a site that appears legitimate, and you may be inclined to enter banking information – do not do it. The verbiage will alert you that you’ve already received the stimulus check, you just need to accept it – do not do it. Do not click on the link. The Get My Payment site that you are likely being redirected to is not legitimate, even if it looks like the real one.
If you receive this text, screenshot it and email it to email@example.com along with the date that you got the text, the phone number from which it came from, and your own number. And don’t forget to implement a strong education program within your organization’s cybersecurity plan.