Phone Scams and Phishing Attacks
Phone Scams
CDC has become aware that members of the general public are receiving calls appearing to originate from CDC through caller ID, or they are receiving scammer voice mail messages saying the caller is from the Centers for Disease Control and Prevention (CDC). Some calls are requesting donations.
Downloadable apps and some free websites now make it simple for anyone to “spoof” a phone call and make it appear to come from any phone number. This is usually done by unscrupulous salespeople, in hopes that people are more likely to pick up the phone if the caller has a number similar to theirs.
Unfortunately, current technology doesn’t make it easy to block these spoofed calls, either on business or personal phones. A spoofed call does not mean that anyone’s telephone has been hacked, so you can simply hang up.
These calls are a scam and are referred to as “government impersonation fraud,” meaning criminals are impersonating government officials for nefarious purposes. Scammers are becoming more sophisticated and organized in their approach. They are technologically savvy and often target young people and the elderly.
To protect yourself from falling victim to these scams, be wary of answering phone calls from numbers you do not recognize. Federal agencies do not request donations from the general public. Do not give out your personal information, including banking information, Social Security number or other personally identifiable information over the phone or to individuals you do not know.
You can also report these calls to the Federal Communications Commission (FCC).
Phishing Attacks
Malicious cyber criminals are always attempting to leverage interest and activity in public health emergencies to launch themed phishing emails. These phishing emails contain links and downloads for malware that can allow them to take over healthcare IT systems and steal information.
It is critical to stay vigilant and follow good security practices to help reduce the likelihood of falling victim to phishing attacks.
- Don’t open unsolicited email from people you don’t know.
- Be wary of third-party sources.
- Hover your mouse over links to see where they lead.
- Do not click links in emails. If you think the address is correct, retype it in a browser window.
- Be wary of attachments in any email.
- Do not supply any personal information, especially passwords, to anyone via email.
Additional resources:
- Department of Homeland Security Cybersecurity & Infrastructure Security Agency (DHS CISA)
- Federal Trade Commission (FTC) COVID-19 scams
- Department of Justice (DOJ)