How cybercriminals are taking advantage of COVID-19

Fear has always been a powerful weapon for cybercriminals and, as the COVID-19 virus spreads across the globe, perpetrators are exploiting this vulnerable time.

Over the last few months, opportunists have been trying to make money from the pandemic by either sending ´phishing´ emails, hacking or selling counterfeit goods. Law enforcement agencies have been rapidly warning their communities and here are some examples.


Almost immediately after the outbreak., reports of phishing campaigns using COVID-19 related content started to appear.  

Health organizations such as the World Health Organization (WHO) and the U.S. Centers for Disease Control and Prevention (CDC) have been prime targets for impersonation. 

Fraudsters pretend to offer important information about the virus in an attempt to get potential victims to click on malicious links. Typically, such links can install malware, steal personal information, or attempt to capture login and password credentials.

The WHO is aware of these scams and has published a detailed post on its website on how the organization typically communicates, and what it will or won’t write in official emails. 

“Make sure the sender has an email address such as ‘’. If there is anything other than ‘’ after the ‘@’ symbol, this sender is not from WHO. WHO does not send emails from addresses ending in ‘’, ‘’ or ‘,’ for example.”

Researchers at Check Point Software Technologies Inc. said they had observed a noticeable number of new websites registered with domain names related to COVID-19. More than 4,000 were registered globally since the end of December, with 3% found to be malicious and 5% considered suspicious.

The FBI has issued an official alert regarding a range of scams including fake CDC emails, phishing emails, and counterfeit treatments or equipment. 

Fraudulent or counterfeit goods

Fraudulent Mask

Online medical supplies are also being targeted: INTERPOL has reported that law enforcement agencies have found 2,000 online links advertising items related to COVID-19. Of these, counterfeit surgical masks were the most common items sold online.

“Once again, Operation Pangea shows that criminals will stop at nothing to make a profit. The illicit trade in such counterfeit medical items during a public health crisis shows their total disregard for people’s wellbeing or their lives,” said Jürgen Stock, INTERPOL’s Secretary-General.

Recently, a man was arrested by the City of London Police allegedly in the act of sending kits from a post office near his home in West Sussex. The case originated when the U.S. Customs and Border Protection Agency in Los Angeles intercepted a package on March 18, containing 60 separate COVID-19 treatment kits labeled as ‘Anti-Pathogenic treatment’, which were sent from the UK.

Detective Chief Superintendent Clinton Blackburn, from the City of London of Police, stated: “Fraudsters are constantly looking for ways in which they can exploit people, including using global emergencies and times of uncertainty for many, to defraud people out of their money… When buying online, beware of illegitimate websites, suspicious URLs and remember that claims like ‘100 percent safe, no side effects’ or ‘quick results’ are often warning signs.”


Czech Republic Hospital

While healthcare organizations battle the virus, they’re also battling a surge in cybersecurity threats.

“The number of cyberattacks is significant and expected to increase further. Cybercriminals will continue to innovate in the deployment of various malware and ransomware packages themed around the COVID-19 pandemic,” said INTERPOL.

A cyberattack hit the second-biggest hospital in the Czech Republic and was serious enough to delay surgeries. The incident was confirmed by the Czech National Office for Cyber and Information Security (NÚKIB), which is working alongside police and hospital staff to recover from the damages and secure their network.

In a statement to Czech media, the hospital director said some systems were still working, but the ability to transfer information between its facility systems and database was compromised.

Meanwhile, the WHO has experienced a twofold increase in cyberattacks. A hacker group had attempted to steal employee passwords using a fake login web page, but the suspicious activity was noticed by Alexander Urbelis, a cybersecurity expert and attorney with NY-based Blackstone Law Group. Congratulations, Alex!

Related Articles