Practical Tips to Help You Avoid Taking the Bait of COVID-19 Loan Phishing Scams
Risk Management Question
What precautions can lawyers, staff, and law firms as a whole take to mitigate the risk of falling victim to the latest COVID-19 scam involving phishing for personal information by dangling eligibility for bogus government-sponsored loan programs as bait?
The Issue
On January 13, 2020, the Federal Trade Commission (FTC) issued a warning regarding a new phishing exploit targeting business owners and promising eligibility for a "personal/business loan of up to $250,000" from the "Small Business Administration Office of Disaster Assistance." The sham email asks the recipient to provide personal information, including a social security number.
The FTC also warned of websites that con artists use to deceptively claim affiliation with the Small Business Administration (SBA). In some instances, businesses have been contacted directly to repay loans that did not exist. The FTC believes fraudsters may have "combined bits and pieces of stolen personal information to get a loan in someone else's name or the name of their company."
Risk Management Solutions
Law firms, their employees, and their clients should consider taking some or all of the following actions, including those recommended by the FTC:
- Be especially cautious of unsolicited loan applications
- Don't share sensitive personal information without verifying the recipient
- Check your credit report regularly
- Freeze your credit for an added layer of protection
- Seek out reliable sources of information
- Do not use search engines to seek official websites, go straight to sba.gov instead
- Report events of fraud to the FTC
Above all else, be cautious and use common sense if you receive an email from someone claiming to offer access to government-sponsored loans.