1 April 2020

Stay alert for COVID-19 scams

Scammers never rest and they’re also happy to exploit a pandemic it seems. Several New Zealand organisations have released details of scams using COVID-19 to lure people in, along with tips on how to avoid them.

Netsafe says the scams typically have a similar theme - trying to get hold of your personal information and financial details. It says emails and texts might claim to ‘cure’ COVID-19 with teas and oils, or lead you to fake websites selling things like medical-grade masks.

Meanwhile, government cyber security agency CERT NZ reports attackers using the pandemic to trick people into donating to a fake WHO COVID-19 Response Fund; paying a bitcoin ransom or risk their family being infected with COVID-19; or downloading malware from COVID-19 pandemic-tracking maps.

Waikato Police also recently posted a Facebook update about a scam involving a pre-recorded voicemail which claims your coronavirus test results have come back positive. It then asks for your credit card details for medication to be sent to you.

With many New Zealanders working from home or in self-isolation, the prevalence of Netflix phishing emails has also increased, the BNZ bank says on its website. These phishing emails suggest your Netflix subscription has lapsed, and ask you to follow a link to update your payment details.

Cold calls offering investments in industries experiencing high demand due to the virus, such as pharmaceuticals can be added to the list of potential scams too, according to the Commission for Financial Capability (CFFC).

“People have enough to worry about without scammers taking advantage of this crisis,” says Bronwyn Groot, CFFC’s Fraud Education Manager.

“Fraud networks are sophisticated, and their techniques are more likely to succeed when people are distracted or stressed.”

Groot says there are red flags to watch out for, and that most phishing email attempts can be avoided by following these steps:

  1. Always check the email address to make sure the sender is who they say they are. Hover your mouse over the email address to check whether the address that pops up is the same as the one presented in the sender bar.
  2. Never open any attachments unless you trust the sender.
  3. Never click any links unless you trust the sender. Again, hover your mouse over the link to check whether it looks odd.
  4. If you're not sure, it's best to delete the email.

Suspicious emails can be reported to CERT NZ and it’s a good idea to make sure you have up-to-date anti-virus software installed. Cold calls with investment offers are illegal and can be reported to the Financial Markets Authority.

Regarding bogus texts and phone calls, Groot says not to click links you’re unsure of and if you’re suspicious of any caller, hang up – you can always call back on the official number and check. Remember, health officials will not ask for passwords, or expect payment for tests, she says.

Get more advice on how to guard against scams at CFFC, Netsafe and CERT NZ.

People have enough to worry about without scammers taking advantage of this crisis.

People have enough to worry about without scammers taking advantage of this crisis.