Cybercriminals Exploit COVID-19 In a time when people are looking for answers and information to protect themselves, cybercriminals are using this environment to ramp up their cybersecurity threats. Malicious Email Schemes The confusion and evolving circumstances surrounding Covid-19 has created an environment ripe for cybercriminals to exploit the unsuspecting. Malicious emails promoting maps on the spread of the virus, fake vaccinations for sale, and prophylactic gear have already been circulating, some include: *A phishing email campaign disguised as a public service announcement from the World Health Organization (WHO) regarding Covid-19; there are various versions, but one I heard personally from a friend stated that he had been flagged as someone who has come in contact with someone who has the virus. When the email button is clicked it brings you to a fake landing page that looks like the real WHO website, with a malicious login designed to collect your email password. *Over 4000 website domains relating to the outbreak have been registered since January 1, 2020. Of those sites 3-5% have been confirmed to be or are suspected to be malicious. *The distribution of malicious software trojans have also been reported on Covid-19 related emails. These emails are designed to deliver various forms of ransomware and other malicious tools to achieve data theft, extortion or operational disruption. How to spot a fake email and landing page: Note any spelling and grammatical errors.*Watch for button links to non-secure sites (HTTP)*Observe and separately confirm if a link goes to the real site you are intending to go to.*Suspect pop-ups asking you to verify your email, password or other personal information. Investment Scams: Fraudsters love to take advantage of global events like the current pandemic to lure potential investors promising them significant rates of return. A common way to do this is through pump-and-dump schemes involving publicly traded small ‘shell’ companies. Here’s what you need to know about these schemes: *These fraudulent penny stock companies may have limited or untrue publicly available information about the management team, their products, services and their finances. *Scammers spread positive (but false) information that lures unsuspecting investors to purchase the stock. The false information may be spread through hyped-up news releases, social media or paid promotional campaigns through other individuals, companies or websites. The more people who buy the stock, the more pumped up the price becomes. *The fraudsters then quickly ‘dump’ (sell) their stock before the hype ends, resulting in a substantial payout for them. The stock price then plummets, and the unsuspecting investors lose their money. At this time there is no vaccine or any natural health product that is authorized to treat or protect against COVID-19. Be aware of any company offering a solution to help stop the coronavirus outbreak. Lastly, the Canadian Securities Administration (CSA) has informed us (financial community) that there are scam artists using the fear around Covid-19 to attempt to steal investor’s money. If you are contacted by anyone with warnings about your investments or finances DO NOT give out any personal information and contact me (your financial adviser) or your bank separately, after independently verifying the phone number to ensure the caller is legitimate. As always, please don’t hesitate to contact me if you have any questions or concerns regarding your investment portfolio, or how the recent market volatility might affect your personal financial plan. I sincerely wish everyone good health, strength and grace during this difficult time. Have a great weekend, Tracey Sources: Mutual Fund Dealers Association of Canada; Bulletin #0816-M, Canadian Securities Regulators;