Beware of coronavirus scams

Cyber criminals and scammers will take advantage of concerns and confusion around coronavirus. Beware of scams.

There is no situation so serious that cyber criminals will not attempt to exploit it. So it is with the coronavirus crisis, and reports of numerous scams have, sadly, already started to appear, including coronavirus-themed malware.

People and organisations should be wary of the heightened threat—not only of COVID-19 itself, but from cybersecurity risks such as phishing, malware, ransomware and scams.

Many of these attempts will be similar to those that are commonly employed by the fraudsters. The only thing different this time is the context, with coronavirus featured as the 'theme'.

The most common threat is the 'phishing' email, which attempts to trick the recipient into clicking a link or opening an attachment that could steal passwords or install malware (a virus of the digital kind). Scammers will prey on fear and urgency about the crisis as a means to get their targets to click these links. Make sure that you, your staff and your volunteers know how to spot a phishing email.

Unfortunately, vulnerable people—including those most at risk from the coronavirus—are being targeted by these scammers and are at particular risk. Reports can be read of fraudsters targeting elderly people with, for example, phony "decontamination services". Possibly as an opportunity to then steal from their home (alongside the consequential exposure to direct transmission).

Many organisations are seeking to keep their contacts updated about their service provision. Be vigilant to the threat of impersonation of legitimate organisations and people. Even the World Health Organisation has seen its members of staff impersonated in fake emails related to COVID-19, as has the Centre for Disease Control.

As staff (and volunteers) may be moving towards working from home, risks are likely to increase as they are outside of normal organisational and technical controls, such as firewalls and email spam protection. Ensure that staff continue their vigilance against these risks, and that your organisation actively takes steps to reduce the risks associated with home working. On the more niche end, if you're relying on video calls to keep in touch, beware that the 'Zoom-bombing' phenomenon has arisen in the recent combination of work-from-home conference calls and bored teenagers.

Some further resources:


Every effort is made to ensure that the contents of this document are accurate, but the advice given should not be relied on as a definitive legal statement.

Share your COVID-19 support service

Organisations providing support to people and communities can share their service information here

> Share your support

Find more coronavirus information from NICVA

Not a NICVA member yet?

Save time, money and energy. Join NICVA and you’ll be connecting in to a strong network of local organisations focused on voluntary and community activity.

Join Us

NICVA now welcomes all small groups for free.