Your Bank > Education and Advice > CNB University

COVID-19 Phishing Scams

According to recently published research from Barracuda Networks, phishing schemes related to the coronavirus have increased by 667% from February to March. Some of the top scams include:

  • Consumer relief package scam: As the economic fallout of the COVID-19 pandemic continues, attackers are leveraging consumer anticipation of tax relief and government-issued economic stimulus plans. These attacks trick victims into dropping their guard and clicking a malicious link.
  • Help desk impersonation: At a time when technical support teams are helping employees transition to remote workstations, cybercriminals are impersonating IT help desks to take advantage of their increased visibility and communication. Employees working remotely for the first time are likely in contact with IT and security teams more than ever before. Employees anticipation communication from your help desk may be more susceptible to clicking a malicious link in this type of attack.
  • Safety measures turned malicious: This phishing attack impersonates a coronavirus specialist from the World Health Organization to trick victims with two malicious options. The email urges the victim to download a malicious file disguised as a safety document. The attack also gives the victim the option to click a “Safety Measures” button. If the victim clicks the link, they are redirected to a spoofed World Health Organization site and prompted to provide their email address and password.
  • Internal Organization Alert: This phishing attack takes a corporate approach by impersonating a company’s president to deliver an attachment disguised as tips to prevent infection. The attachment is designed to infect an employee’s machine with malware.
  • New Cases in your area: This attack preys on the fears of Coronavirus spreading near the victims’ location. Disguised as a CDC alert, this phishing email tricks victims into clicking a malicious link by offering an updated list of new cases of the virus documented near them.
  • The donation scam: Like the tried-and-true donation scams used after natural disasters, this phishing attack solicits donations to fight the spread of the coronavirus. The attack imitates a CDC emergency outreach email and asks victims to deposit money into a Bitcoin account.

Just a reminder to be vigilant! Tips on how to recognize and avoid phishing scams like these from the FTC, click here.