Fraudsters are exploiting fears over Coronavirus

March 17, 2020

Fraudsters are leveraging fears over the coronavirus as an opportunity to scam financial institutions and consumers. Watch out for scammers who are taking advantage of concerns over COVID-19. Fraudsters are posing as the CDC Health Alert Network to steal personal information.

Here are a few examples:

Sidney (N.Y.) Federal Credit Union sounded warnings about a scam where members receive phone calls and text messages that appear to be from the credit union asking for personal and online banking information. In a message on its Facebook page, the credit union tells members not to reply to these messages because caller ID can be “spoofed” and isn’t a reliable way to identify a caller.

City of Boston Credit Union posted a message on its website that hackers and scammers are using the potential public health crisis to take advantage of unsuspecting businesses and consumers. The message explains that fraudulent emails have surfaced claiming to be from the Center of Disease Control and Prevention (CDC) and the World Health Organization (WHO), directing unsuspecting recipients to harmful websites that load malware or other harmful applications under the ruse of offering important pandemic information.

In response to these and other campaigns, WHO and CDC have issued alert warnings to consumers to be on the lookout for individuals posing as their organizations. The best practice in avoiding scams and hackers is to not click on any links in emails you were not expecting or you did not request. Just delete the email.

Opportunistic hackers are also employing other tactics to take advantage of consumers.

One of the phony maps that fraudsters use is The website claims to provide an up-to-date coronavirus map similar to another map created by The Johns Hopkins University. The malicious website produces a map that nearly matches the university’s graphics. The fraudulent map contains software that steals usernames, passwords, credit card numbers and other data stored in the user’s browser. The Trojan is distributed through infected email attachments, malicious online ads, social engineering, and software vulnerabilities.

Fraudsters also target consumers through a more common tactic: phishing email attacks. Some emails claim to be from CDC and WHO,  and others offer a link to a coronavirus map of the recipient’s neighborhood, or an update on how many people have been infected. The emails attempt to trick users into entering personal information or clicking on a link that will download malware on user’s computer.

We offer our members this advice to protect themselves from scammers: 

  • Use only reputable sources when searching for information about the coronavirus.
  • Be aware of phishing emails and never click unknown attachments or links.
  • Be cautious of emails and phone calls offering unexpected information and asking for personal information.