by Haidon Storro

Using Disasters like COVID-19 for Profit - a Criminal’s Dream!

Threat actors commonly leverage catastrophic events to launch attacks. As such, it comes as no surprise that COVID-19 is being used to forward cybercrime. What’s more, is that COVID-19 being a global phenomenon has provided a vehicle for scammers to shine. As a result, this prompted the United States Secret Service to release a statement warning individuals against the scams (see below for official PDF link).

To help protect you, we have collected a list of top scams to watch out for:

  • Using well-known organization names in phishing emails to encourage trust.
  • Click-bait email subjects that appeal to paranoia and fear.
  • Impersonating leadership or HR for companies with fake procedure notifications.

Using Well-Known Organization Names in Phishing Emails to Encourage Trust

The increased hysteria COVID-19, also known as the “Cornavirus,” has been perfect stomping grounds to launch frauds. After all, people are in a very volatile headspace and everyone is seeking answers. Cybercriminals are banking on this volatility to launch email campaigns to provoke actions one might not normally take such as donating to research COVID-19. Even though impersonating organizations for money is nothing new, criminals are gaining unusual success. As reputable organizations like the World Health Organization are commonly being used to avoid questions of validity and con more people out of money.

Click-Bait Email Subjects That Appeal to Paranoia and Fear

Besides sending seemingly benign emails, con artists are also sending emails that create a sense of urgency and add to the paranoia. In light of people hoarding supplies, food and emptying shelves in what feels like a real-life Armageddon; paranoia is settling in. Emails with subjects like “government secret knowledge” are making major headway. These emails paint the government as evil bureaucrats who are hiding answers. They contain faulty information that the human race is threatened, and the government is shadily hiding information. Despite anyone’s personal conviction of government secrecy, these emails are overly aggressive and simply using paranoia as a get-rich-quick scheme.

Additionally, scammers are using vernacular like “pandemic” and “survival” to invoke a reaction. Notions like guaranteed Corona survival through purchasing a $37 “pandemic survival” E-book or “free” COVID-19 self-protection PDF are very appealing. Unfortunately, these downloads turn out to be nothing more than trojan malware that harvests personal data, leaving the user out of money and a new computer virus that they might not even detect.

Impersonating Leadership or HR for Companies with Fake Procedure Notifications

With many organizations initiating a work from home (WFH) policy, cybercriminals are using this indefinite period as a means to launch workplace update emails. Most employees are not resistant to emails with subjects like “COVID-19 HR Survey” or “Corona notice for all Employees.” Unfortunately, these emails direct visitors to a deceptive site or portal which asks them to sign in, thereby harvesting credentials or launching malware. It is important to note that an employee connecting remotely with an infected WFH computer can potentially infect the entire internal network, resulting in an organizations’ worst nightmare.

The rampant panic from COVID-19 has provided fraudsters with the perfect opportunity to con concerned citizens, employees, and organizations. Criminals will only continue to utilize this newfound period to harvest sensitive information and make money. Meaning individuals and organizations alike must exercise extreme caution.

To avoid falling victim to cybercrime consider these tips:

  • Doing research before donating to a nonprofit or charity
  • Avoid clicking on email links and PDFs
  • Get COVID-19 information directly from government agencies (such as MDH and CDC)


Silent Sector knows that despite previous personnel training, users will unintentionally click on malicious links and downloads. Also, out of concern for staying informed, employees will habitually click on links like “updated cases list.” This is particularly frightening for businesses because employees are the first line of defense in protecting the internal network. Contact us to discuss how our approach to remote employee training can ensure your employees are well versed in recognizing fraudulent activity and most importantly keep you in operation throughout this indefinite period of WFH.

Secret Service Warning

Digital Map of Confirmed COVID-19 Cases

About the Author

Written by Haidon Storro

Cybersecurity Research & Content Manager, Silent Sector -- Haidon Storro is a Cyber Security Analyst for CVS Health. She has her BS in IT Cyber Security as well as security certifications like CompTIA Security+ and ISC2. While Haidon is newer to the security community, she has dedicated herself to learning as much as she can through internships, online courses, and conventions like DefCon. In her free time, she enjoys reading about new advancements in technology, going to security meetups and participating in cyber defense competitions. One of Haidon’s goals is to make the connected world safer by bridging the human aspect with technology.