The Hawaii Police Department said Friday that during the COVID-19 pandemic, it has experienced an increase in reporting of financial crimes by individuals and businesses.
Those include identity thefts, theft offenses related to credit cards, computer-related crimes, forgery and financial exploitation.
“We’ve certainly had an uptick in fraud-type incidents,” said Lt. Rio Amon-Wilkins of the department’s Criminal Investigations Section in Hilo.
For example, he said there has been increase in scam calls to people’s cellphones.
“And then there’s been a fair amount of mail thefts … people reporting that credit cards and loan applications were applied for and granted in their name,” he said. “There’s also been a handful of cyber crime issues involving apps. Somehow, these mobile apps are being linked to people’s bank accounts, and (criminals) are able to withdraw money from there. They’re able to withdraw great sums of money from their checking and savings accounts, and tracing that is extremely difficult.”
“Particularly during crisis situations, there is always an uptick in bad actors who take advantage of honest people,” said Krishna Jayaram, a special assistant to the state attorney general. “During this pandemic, we urge our communities to exercise extra caution and follow the recommendations of the Hawaii Island police.”
Police say many of the offenses are sophisticated crimes perpetuated by cyber criminals through “phishing” and “spoofing” — which are fraudulent attempts to obtain sensitive information such as user names, passwords and financial information by electronic communication.
Forms of communications include emails, phone calls and websites that originate from an unknown source but appear as being from a known or trusted source. The goal is to gain access a victim’s personal financial information, or spreading malware through infected links or attachments.
With the heavy reliance of computers, mobile devices and networks due to the COVID-19 pandemic, cyber criminals are exploiting the vulnerability of individuals and businesses through data breaches of financial accounts. They also are targeting online shoppers, as well as focusing on stealing stimulus payments, unemployment benefits and paycheck protection program payments.
“Social distancing and lockdowns are not slowing the business of fraud,” said Keali‘i Lopez, AARP Hawaii state director. “The pandemic — and having more people staying home and working from home — has given scammers more opportunities to come up with new ways to take your money.
“We’re seeing it at AARP Hawaii in the kinds of emails and text messages we’re getting. For example, one of our staff recently got text messages that appear to be a package scam, something the Federal Trade Commission recently warned us about. Don’t click on the links in emails or text messages. Even messages from friends or government agencies can be spoofed and may not really be from them.”
Package scams are a phishing scam where the victim receives an email saying they have a package waiting for them and contains a link. That link leads to questions that ask for financial and personal information that shouldn’t be given to unknown parties, and also allows the scammers to download malware on the victim’s device that could steal passwords and financial information.
While not totally eliminating the possibility of becoming a victim, police recommend taking the following precautions.
Conduct regular checks of your banking statements for accuracy and report any irregularities to your financial institution.
If your occupation requires you to work from home, you should consider a separate router to separate your home and work network traffic and using the strongest security configuration for online protection.
When examining an email to determine its legitimacy, look for unusual phrases, grammatical or spelling errors, or transposing of letters in the URL, also referred to as the “web address,” because these are often indicators of spoofing or phishing attempts.
Don’t click on unfamiliar links or download attachments you may receive in any emails. Instead, delete them.
If using mobile or computer applications to perform banking online, set up strong passwords and change them regularly.
You should also set up “two-factor authentication” which involves logging into your account with your user name and password and requiring a time-sensitive code sent to the device which needs to be entered by the user for verification.
If you receive a mobile or land-line call from an unknown or unfamiliar number, do not answer it. Instead, let the call go to your voice mail. These “robocalls” often use applications to display an area code from your area along with a random or unused phone number. If you happen to answer the call or hear a recording, do not provide any personal or financial information. Simply hang up.
To prevent further robocalls, consider looking for a “call-blocking solution” or download the “donotcall” app from the Federal Trade Commission’s website.
Finally, if you become a victim of a financial crime, prepare a packet that includes your financial statements as well as documents supporting the crime, such as emails, invoices, receipts, and others, to turn over to police when reporting the incident. It is recommended that you also retain a copy of all of your documents for file.
“Stay vigilant. Log into your accounts regularly,” said Amon-Wilkins. “If you see any suspicious activity at all, contact the police and contact the financial institution. And I always recommend not putting anything with a check or anything with confidential personal information in your mailbox at home. You should take it to the post office.
“… It think it’s also a great recommendation for people to get mailboxes that lock, so when you do put mail in there, it’s a lot more difficult for people to steal it from the box.”
In addition, the AARP Fraud Watch Network offers resources and help for victims of fraud. It’s available at aarp.org/fraud or by calling 1-877-908-3360.
“Whether they are phishing with emails from your utility company or calling pretending to be contact tracers, the bottom line is they are trying to get your data and your money,” Lopez said.
Email John Burnett at email@example.com.