The Top 5 Coronavirus Scams

May 27, 2020 | COVID-19, Information

Cybersecurity is an unfortunate threat that business owners and individuals face every day. As part of our ongoing effort to keep our clients informed, we wanted to share the Top 5 Coronavirus Scams, a list that our cybersecurity partner, NINJIO, put together.

The Top 5 Coronavirus Scams


1 – Coronavirus malware map

One of the go-to resources for anyone who has been tracking the Coronavirus outbreak is an interactive map managed by Johns Hopkins University that provides real-time updates on the spread of the disease. But cybercriminals are now using a fake map to manipulate victims into downloading malware capable of stealing their passwords. The malware is embedded in a file that has to be downloaded before it can infect the victim’s computer. And while the victim has to have Java installed for the infiltration to work, cybersecurity analyst Brian Krebs reports that the seller (who was advertising the malware on a Russian hacker forum) claims it will even work on updated versions of the software. This is a reminder that clever social engineering can help hackers get around digital protections.

TAKE ACTION: Users can avoid falling victim to this cyberattack by refusing to click on suspicious links or attachments – particularly if they’re offering access to data or information that doesn’t require any special download to access. There are countless resources for anyone interested in staying up to date on Coronavirus, such as the real map on the Johns Hopkins website, The New York Times’ daily tracker, and information provided by the CDC. All of these resources are readily accessible online, so there’s no reason to risk downloading a map or anything else.

2 – Fraudulent offers of remote work

The national unemployment rate is roughly 15%, meaning there are millions of newly out-of-work individuals seeking employment, and most of them are seeking work online. While remote work can offer many people a lifeline during this period of isolation and economic contraction, cybercriminals are taking advantage of a desperate situation to manipulate and defraud people. For example, a group of hackers launched a fake nonprofit called the Vasty Health Care Foundation, which tricks job seekers into thinking they’ve been hired by a nonprofit that’s working to help people affected by Coronavirus. In reality, these victims are being used as “money mules” – unwitting intermediaries who help cybercriminals launder stolen money. The hackers will tell victims that a “donation” needs to be processed, so they’ll transfer money and ask that it be converted into Bitcoin. Of course, not all fraudulent work offers are money mule schemes – many are just a way to gain access to sensitive information such as Social Security numbers. These are all reasons why job seekers should work with established companies whenever possible and do their homework on any potential employer – are there reviews on sites like Glassdoor? Is there media coverage you can reference? Have you spoken to anyone at the company over the phone? Did the interview process seem rushed? Do the terms sound too good to be true?

TAKE ACTION: If you’re searching for remote work (especially for the first time), these are all questions you should be asking. You should be even warier if you’re asked to move money around (particularly when cryptocurrency transfers are involved) or if you’re asked for sensitive personal information like your SSN and bank account number.

3 – Fear phishing (fake government alerts)

Cybercriminals have always preyed on the fear of their victims – they use threats and frightening language to coerce people into doing what they say. This is why one of the fastest-growing scams is a fake phone call from the Social Security Administration that convinces victims their SSNs have been compromised or used in criminal activity. Hackers then demand money or “verification” of the SSN, which allows them to steal both. In 2018 alone, 35,000 people were hit with this scam and they collectively lost $10 million. It’s no surprise that cybercriminals are taking full advantage of the fear surrounding Coronavirus. Fake emails from the CDC, the WHO, and other major federal and international agencies are circulating with subject headings like “COVID-19 – Now Airborne, Increased Community Transmission” and offering downloadable information on “little measures that can save you.”  The cybercriminals who create schemes like these use a wide range of hacking tools like keyloggers that can steal credentials and sensitive personal information. Proofpoint researchers report that they’ve seen “fake Office 365, Adobe, and DocuSign sites” that convince people they’re working with legitimate documents. As with many of the Social Security scams (in which the Social Security Administration’s real number appears on caller ID), these hackers can imitate legitimate email addresses from organizations like the CDC.

TAKE ACTION: This is why you should always check the email headers, hover your cursor over links to see where they lead and be extremely suspicious of alarmist messages coming from government agencies that are asking you to do something immediately. Instead, check the alerts on real websites and call the agencies if you have any questions.

4 – How hackers exploit our desire to help

Just as cybercriminals know how to manipulate their victims based on fear, they also know how to use generosity. The aforementioned Vasty Health Care Foundation scheme told job seekers that the sham organization helps “hospitals from underdeveloped countries to support the highest level health care through the funding of vital medical equipment, research, education, and the provision of items that impact comfort and care.” The hackers clearly assumed that people would be more interested in the fake job posting if they thought it was an opportunity to help people affected by Coronavirus. This is a realization many other cybercriminals have made as well, but they’re soliciting money directly. To take just one example: Kaspersky Lab reports that a fraudulent email purportedly sent by the CDC asks recipients to donate to help establish an “incident management system to coordinate a domestic and international public health response” to the pandemic. While most people will immediately recognize that a federal agency would never send an email soliciting private donations – much less to a Bitcoin account – other cybercriminals are savvier. The Vasty Health Care Foundation website, for instance, uses a template based on a real charity ( to convince visitors of its legitimacy. The FTC expects the number of phony Coronavirus charities to spike in the coming weeks, and it points out that “Some scammers use names that sound a lot like the names of real charities.”

TAKE ACTION: A recent press release by the office of Georgia’s Secretary of State addresses the uptick in counterfeit Coronavirus charities and points out that “awareness is the first line of defense.” This is NINJIO’s core message, and it’s more applicable than ever in the midst of a pandemic. If you want to help Coronavirus victims, visit the websites of well-known charities directly, never enter payment information in response to a solicitation email, and use resources such as GiveWell (which is conducting research on how to mitigate the effects of Coronavirus) and the Better Business Bureau to determine which charities are the most effective.

5 – Hackers are exploiting economic relief effort

Governments around the world have taken action to stave off a potential recession. These government relief programs offer the perfect pretense for cybercriminals to deceive people and steal their information. Those eager to receive relief funds are a prime target for cybercriminals to capture sensitive information.

TAKE ACTION: You should only provide sensitive information directly through the secure online resources provided by your government. Never click on a link in an email that’s asking for money. If you have any questions about measures your government is taking to support the economy, reach out on the phone via the relevant agency’s official phone number. And pay close attention to media reports on stimulus efforts, which will provide projected timelines and other important information.

At a time when cybercriminals are tirelessly developing schemes like these to leverage the mass fear, uncertainty, and desperation caused by the Coronavirus outbreak, we all have to be just as tireless in our efforts to repel their attacks and protect ourselves. Many technological defense mechanisms can be deployed – such as updating all your devices, using a VPN, and protecting accounts with multi-factor authentication – but your most crucial cybersecurity resource is your awareness.

Cyber Insurance

You can supplement your preventative efforts by purchasing a cyber insurance policy. If you have a BOP (Business Owners Policy), you can add a cyber liability endorsement. Small businesses should consider this option, and larger companies should opt for more protection. For higher limits and more robust coverage, we recommend a stand-alone Cyber Insurance Policy. This type of policy would be ideal for a business with a lot of online transactions, credit card handling, and sensitive customer or employee data.  Cyber coverage is relatively inexpensive and is a great way to help protect your business from financial ruin. It doesn’t matter how big or small your business is, no company is immune to the threat of a cyber-attack. In addition to practicing the safety precautions mentioned above, we genuinely recommend in investing in a cyber insurance policy. Contact your agent for more information.


Cyber Insurance

We offer Cyber Insurance for businesses and qualified individuals. Speak with an agent for more information.

You might also be interested in...