COVID-19 Scams

Episode ID S1E03X
March 11, 2020

In this special edition of CoBank’s Fraud Wise, we’ll be talking about new cyber-scams and social engineering attempts that capitalize on fears related to the COVID-19 pandemic, as fraudsters look for every opportunity to take advantage of the weakest link in cybersecurity — the human element.


Hello, this is CoBank’s Fraud Wise, helping you avoid becoming a victim of fraud.

As the COVID-19 pandemic continues to develop, a new area of cyber risk has emerged and—as ever—malicious actors will be looking for every opportunity to take advantage of the situation. Fraudsters want to benefit from the coronavirus outbreak to exploit the weakest link in cybersecurity – the human element.

Criminals are exploiting people’s need for information about the coronavirus, and the speed and frequency at which people want new information leads them to do things they might not otherwise do.

There have been many reports of ‘health campaign emails’ claiming to be from official sources, and claim to provide guidance about the coronavirus in malicious attachments. The World Health Organization and others have issued warnings about criminals impersonating them to carry out attacks and frauds.

Employees are actively looking for, and expect this information from their employers and may inherently trust communications that look authentic and appear to provide information they’re keen to hear.

These attacks are made through email, telephone calls or text messages to get hold of a person’s credentials or other sensitive information. Attackers will scour publicly available information about companies and individual employees to identify vulnerabilities they can exploit. An attacker might impersonate a trusted third party supplier, such as a travel partner or other vendor, that the business would be expected to lean on at a time like this and request a change in payment instructions. HR or Payroll might get emails impersonating employees and requesting changes in direct deposit information. Alternatively, employees might get a text message from someone claiming to be from the IT help desk, asking to validate that they have VPN access. A successful attacker could gain access to sensitive information or credentials, and possibly your network and critical systems.

Since many offices are vacant while business is being conducted remotely, blank check stock and incoming mail need to be secured. Fraudsters are skilled at intercepting incoming mail and stealing checks, which are used to create counterfeits for large-scale consumer fraud overpayment scams. Secure outgoing payments as well, by only depositing mail containing checks at post offices or other secure mail drop-off sites.

At this time of uncertainty, employees are relying on voice, text, and other alternative channels such as social media, allowing a greater chance of social engineering and impersonation frauds. They may look for workarounds to IT policies and best practices. They might connect their personal devices to corporate networks, or use their corporate devices for personal business or browsing for coronavirus information. It’s easy to imagine how the pressure of working from home could result in compromises, removing a previously effective control.

You can help your employees recognize the emerging threats they might see in the coming days, weeks and months, by repeating the message that they should treat communications from senders they don’t recognize or expect — with caution. Do not open links, do not input credentials, do not open attachments from unauthenticated senders. Make sure that all changes to existing payment instructions and all new payment instructions must be validated by contacting the requester through a previously validated phone number to ensure the request is legitimate.

At a time of heightened business and personal stress, organizations must review their cyber defenses and internal controls and keep their people informed of evolving threats so they’re less likely to become a victim of a phishing attack, a key logger, a ransomware trojan or an impersonation scam.

This has been CoBank’s Fraud Wise, helping you protect against fraud.

For more information about these and other types of fraud scams visit the Fraud & Security Center on