Risk & Fraud

Keeping Your Credit Union Members Safe from Coronavirus Scammers

By: Gene Fredriksen, Security Strategy Consultant

A common technique among internet and email scammers is to take advantage of public concerns and fears. Today, that means that scammers are capitalizing on the fear surrounding the emergence of the coronavirus (COVID-19) – from health and safety concerns to apprehension around financial market impacts. During this critical time, a proactive focus on the safety and security of our credit union members is more important than ever. Below are helpful tips that can be shared with your members to safeguard against coronavirus-related fraud.

Beware of Bogus Products and Investments
As scammers prey on coronavirus fears, we’re witnessing an uptick in the sale of bogus products like masks, immune system boosters and sanitizers. If you aren’t able to find a hand sanitizer at your local store, it doesn’t make sense that a random source on the internet would have an unlimited supply for sale. When an offer sounds “too good to be true,” verifying product credibility through research is key.

Also, be wary of “investment opportunities” related to the coronavirus. The U.S. Securities and Exchange Commission (SEC) is warning people about online promotions, including through social media, claiming that the products or services of publicly-traded companies can prevent, detect or cure coronavirus. Don’t get caught in a stock scam; always seek professional advice.

Know Your Charities
Another path that scammers are taking is soliciting for bogus charities. We all want to help; the scammers know that if they tug on our heartstrings, our wallets will usually open. The scams often look like they are helping locally or for specific groups you support. Before you contribute, be sure to research new charities thoroughly. Check with the Better Business Bureau for complaints, or one of the online sites that track charities such as GuideStar, CharityNavigator or CharityWatch.

Watch Out for Phishing
The third foundational scam to be aware of is the use of phishing emails to take your money and get your personal information. As always, never click on an embedded link in an unsolicited email. It may download malware onto your computer. Protect yourself by making sure anti-virus software is on your computer and up-to-date.

Be suspicious of emails claiming to be from the Centers for Disease Control and Prevention (CDC) or “experts” saying that they have new, critical information about the virus. For the most up-to-date information, go right to the authoritative source. Go to the CDC and the World Health Organization (WHO) websites for current information. If you come across any suspicious claims, report them to the FTC at ftc.gov/complaint.

PSCU cares about your members’ physical and financial health. Its Fraud and Cybersecurity teams remain vigilant, watching for new scams and implementing controls to stop them. The first line of defense is awareness. Reminding your members to take extra precautions, such as those outlined above, is an important step in helping to keep them safe.

Gene Fredriksen is a co-founder and current executive director of the National Credit Union ISAO, the principal cybersecurity consultant with PureIT CUSO, and has also held the positions of CISO for PSCU, Global CISO for Tyco International, principal consultant for security and risk management strategies for Burton Group, vice president of technology risk management and chief security officer for Raymond James Financial, and information security manager for American Family Insurance.

He served as the chair of the security and risk assessment steering committee for BITS, and also served on the R&D committee for the financial services sector steering committee of the Department of Homeland Security. He also served as an advisor on various cybersecurity steering committees for the administrations of George W. Bush, Bill Clinton and Donald Trump, assisting in the preparation of the president’s Cyber Security Position Paper.