Skip to Content
© Narong Rotjanaporn | Dreamstime.com
Security & privacy

If you get this gift card in the mail, beware – it’s a trap

Americans are feeling the impacts of the coronavirus in many ways and it’s hit the economy and our bank accounts extremely hard. Businesses are closing, employees are getting laid off across the U.S. and there have been nearly 10 million new unemployment claims in the past two weeks.

It’s definitely a struggle out there but you do have some options. There are essential jobs in high demand and companies are hiring now. Tap or click here to see the 10 most in-demand jobs in the U.S. and who’s hiring.

Some companies are trying to attract customers by offering freebies, hoping they’ll buy more stuff and help increase business. But beware, not all of these free offers are legitimate and could actually be an attempt to rip you off.

Malware in your snail mail

We’re always warning you that cybercriminals will do whatever it takes to find their next victim and this latest attack just drives that point home. You’re not going to believe the elaborate scheme making the rounds now.

Normally, you have to be super careful navigating life online to avoid cybercriminals. They even take advantage of dire situations like the coronavirus pandemic. Tap or click here for 8 tips to avoid coronavirus scams. Now, scammers are bringing the nastiness to your home.

Here’s what’s happening. People are receiving what appears to be a thank you letter from Best Buy for being a loyal customer. With the letter comes a $50 Best Buy gift card and a free USB drive.

To take advantage of the gift card, you’re instructed to plug the USB drive into your computer to find out which items you can buy with it. But here’s the rub: It’s a scam.

Not only is the gift card worthless but the USB drive is loaded with malicious code. Researchers at Trustwave tested one of these USB drives and found it packed with malicious code ready to infect any PC it’s plugged in to. Here’s an example of a scam letter you might find in the mail.

Trustwave

The scammers behind this attack are very tech-savvy. They programmed the USB drives to emulate a USB keyboard. Since PCs trust those devices by default, they’re able to infect your computer with malware the moment the drives are plugged in.

How to protect against malware

The Best Buy scam isn’t the only way criminals are getting malicious USB drives to unsuspecting victims. Some are actually sending care packages to “uplift people’s spirits” during this pandemic.

You may also like: Hackers spreading malicious coronavirus maps – use this one instead

The FBI said people have reported receiving things in the mail like a stuffed teddy bear along with a USB drive. The same warning applies here. These USB drives are also filled with malicious code that could infect computers as soon as they’re plugged in.

So, what can you do to protect against these malware attacks?

Never trust an unknown USB drive

First and foremost, never plug a “free” USB drive into your computer. There’s a good chance it’s loaded with malicious code.

Believe it or not, we’ve heard reports in the past of people finding USB drives lying on the ground in parking lots, picking them up and using them at home. Horrible idea! USB drives are very inexpensive, which is why scammers are using them for schemes like these.

Back up critical files

One of the payloads for an attack like this could be ransomware. If you plug a malicious USB drive into your device, there’s a chance all of your critical files will be locked down by the scammer and they’ll charge you a ransom just to regain access.

That’s why it’s always a good idea to back up your files before something like this happens. If your device gets encrypted with ransomware, you won’t lose anything.

Make sure to use a backup company you can trust. We recommend IDrive. Save a whopping 90% when you sign up at IDrive.com and use promo code Kim at checkout. That’s less than $7 for your first year!

Watch for phishing attacks

While this malicious USB drive scam could be found in your snail mailbox, it’s very rare. Most of the time cybercriminals will try to infect your device with malware through emails or texts.

That’s why it’s very important to avoid clicking on links or opening attachments in unsolicited messages. It could be a phishing attack and those links and attachments could result in your device being infected with malware.

If you need to conduct business with a company, it’s best to type its address directly into your web browser so you know you’re on the official site and not a spoofed version. Also, if you need to speak with your financial institution, call the number found on the back of your debit/credit card and not one found in online search results.

Follow these tips and you have a good chance to avoid a malware infection. If you think your device is already infected, there are things you can do. Tap or click here for a free tool that gets rid of ads, viruses and malware.

Stop robocalls for good with Kim’s new eBook

Robocalls interrupt us constantly and scam Americans out of millions of dollars every year. Learn Kim's best tricks for stopping annoying robocalls in this handy guide.

Get the eBook