The COVID-19 pandemic has forced millions of Americans to work from home and scammers are trying to take advantage of the pandemic and the increased use of technology.
FBI El Paso Complex Financial Crimes Squad Special Agent Chris Goldschmidt said that across the nation the agency has seen a rise in internet and email scams due to the large number of companies having employees work from home.
“During the last few months with the COVID-19 pandemic, we are starting to see what I would describe as traditional frauds and swindles but capitalizing on the pandemic due to the unprecedented amount of people we are seeing teleworking and working from home,” Goldschmidt said. “Scammer will exploit people’s fear and develop platforms they think will be more successful in their scams. They take successful platforms that are already existing, and they tweak them a little bit to fit the current crisis.”
The FBI’s Internet Crime Complaint Center, also known as IC3, has received 750 reports of phishing scams in Texas with a reported loss of $130 million between January to June 15, Goldschmidt said.
The West Texas region has not seen as many cases as other parts of the state.
In West Texas, the FBI has received 26 reported phishing scams with a reported loss of $29,000, Goldschmidt said. The largest reported loss was $15,000.
“It is obviously less than the rest of Texas and the country, but that is still a loss,” Goldschmidt said. “That is dollar amount to an individual or company – small or large businesses. That is not a small chunk of change.”
More: IRS warns public of scammers using COVID-19 pandemic to steal money, personal info
More: FBI aims to combat sexual harassment, extortion by landlords during COVID-19 pandemic
The scams include email phishing scams using COVID-19 fears to get people to open the emails, go to websites and give personal information.
“COVID-19 email phishing campaigns continue to evolve as the pandemic reaches new stages and the world continues to react,” Goldschmidt said. “Early phishing operations focused on people’s fear of catching the virus by using lures related to coronavirus information such as statistics and maps. Later phishing emails capitalized on economic fears by using lures related to the federal stimulus package and small business loans.”
The FBI is recently seeing scammers focusing on exploiting the economic hardship brought on by the pandemic.
“Now, we are seeing scammers take employment fears such as the economy collapse and providing for one’s family as their latest lure for financial gain,” Goldschmidt said.
Goldschmidt said that the emails contain attention-grabbing subject lines such as “termination review meeting” and appear to be coming from the company’s human resources office.
The email then cites the current COVID-19 pandemic as the reason for downsizing and gives instructions on how to process out from the company, Goldschmidt said.
“It will direct the employee to click on a potentially malicious link,” Goldschmidt said. “What it is doing is taking that alarming subject line ‘termination review meeting’ and capitalizing on the fact that the reader or employee is going to be alarmed by that message and therefore taken off their game.They might not scrutinize the email address it is coming from or it might look at first glace that it is coming from the company’s domain or someone in the company.”
Scammers are also sending emails requesting and linking the employee to attend a video conference about the alleged termination.
“These emails contain links to fake teleconferencing login pages and use text like ‘join this meeting,’” Goldschmidt said. “Something you would normally see in whatever platform you are using. It uses the same language, so it appears at first glance to be legitimate.”
Once the employee clicks the link, they either create new login credentials or enter existing ones for the platform.
“At that point, their credentials become compromised,” Goldschmidt said. “If you use those login credentials for any other platform, obviously those are compromised as well. That is not uncommon. A lot of people use the same password and same username.”
Goldschmidt added that people are urged not to use the same password for different platforms and websites.
Scammers are not targeting one specific platform such as Skype or Zoom, but are using any perform that is commonly used by teleworkers.
More: Here is how to help the FBI prevent another mass shooting in Texas
More: El Paso man arrested for racist video threat to kill Black Lives Matter protesters
There are many steps employees and companies can do to protect themselves from scammers, Goldschmidt said.
These include being alert to scams, checking emails, especially with alarming subject lines, to make sure they come from the employees’ company website domain and from an employee that works at the company, and never opening attachments from unknown email addresses.
“Don’t panic,” Goldschmidt said. “Stop and take a moment. Read the email carefully. Don’t fail victim to the pressure they (scammers) are expecting and counting on for you to respond to. Take a second, third and fourth look at the email address. Is it correct? Is there a misspelling?”
Also, if the email doesn’t allow the recipient to see the actual email address it was sent from is a red flag, Goldschmidt said.
He added never respond to an email you believe may be a scam. Employees should check with their employers to verify if it is a legitimate email.
Victims are asked to report the scams to the FBI’s IC3 website at ic3.gov. They can report the incident to the U.S. Department of Justice’s National Center for Disaster Fraud hotline at 866-720-5721 or email email@example.com.
Want more coverage on issues that matter to you? Consider supporting local journalism with a subscription to the El Paso Times.
Aaron Martinez may be reached at 915-546-6249; firstname.lastname@example.org; @AMartinezEPT on Twitter.
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.