Skip to main content

ADA Compliance

Security Center | Customer Support | Contact Us

Locations Search
Your Bank > Education and Advice > CNB University

COVID-19 Fraud Threats

Since January 1, people across the U.S. have made 91,808 COVID-19-related reports to the FTC*. The best way to avoid current fraud scams is to understand how these scams usually work. Here is a list of some of the most common ways that fraud perpetrators and identity thieves are targeting consumers.

Phishing Scams

Phishing scams are a fraudulent attempt to obtain sensitive information utilizing emails, phone calls and/or text messages purporting to be from a reputable source. In many instances, impostors have been preying on the publics fear around COVID-19 to help execute their criminal act. A few examples of COVID-19 phishing scams are:

  • Consumer relief package scam: As the economic fallout of the COVID-19 pandemic continues, attackers are leveraging consumer anticipation of tax relief and government-issued economic stimulus plans. These attacks trick victims into dropping their guard and clicking a malicious link.
  • Help desk impersonation: At a time when technical support teams are helping employees transition to remote workstations, cybercriminals are impersonating IT help desks to take advantage of their increased visibility and communication. Employees working remotely for the first time are likely in contact with IT and security teams more than ever before. Employees anticipation communication from your help desk may be more susceptible to clicking a malicious link in this type of attack.
  • Safety measures turned malicious: This phishing attack impersonates a coronavirus specialist from the World Health Organization to trick victims with two malicious options. The email urges the victim to download a malicious file disguised as a safety document. The attack also gives the victim the option to click a “Safety Measures” button. If the victim clicks the link, they are redirected to a spoofed World Health Organization site and prompted to provide their email address and password. 


Ransomware is a malicious software this is downloaded, typically through a phishing scheme, that encrypts computer files and locks devices until a ransom is paid. With many institutions and employees now working remotely, cyber criminals have deployed sophisticated electronic communications in order to extort businesses and individuals.

Business Email Compromise

Business Email Compromise is a fraudulent email requesting a change in payment delivery and/or method using a compromised email of a business executive or a spoofed email looking similar. Bad actors utilize social media outlets to research business leaders and corporate structure in order to orchestrate their attacks. A large mobile work force and fear of business disruption have aided in the overall success of this scam.

Fraudulent Unemployment Claims

Fraudulent unemployment claims are when cyber criminals file a claim using compromised data believed to be from previous notable data breaches. With many unemployed or negatively impacted by the pandemic, criminals are taking advantage of speedy relief funds and programs with stolen personal information for their financial gain.

Spoofed Websites

As in the past with natural disasters and states of emergency, criminals have created many spoofed websites intended to victimize those looking to make donations or financially support a cause. With many looking to help others, crooks have created websites looking identical to legitimate entities that make spotting the fakes difficult.

For more information on how to protect yourself from COVID-19 fraud threats, visit