We’re all a bit afraid right now. And with good reason. The rapidly growing pandemic may be threatening Americans’ health and that of their loved ones. It is surely disrupting everyday life. 

But instead of letting their better angels win the day, some scammers are seizing on this fear and confusion to steal individual’s private financial information. We’ve rounded up some of the most common scams to avoid. 

The most common way scammers do this is by disguising themselves as a trustworthy entity in an electronic communication, whether through email or websites. Here are a few we’ve seen.

Alerts from the CDC or the WHO

One email that appears to come from the Center for Disease Control and Prevention (CDC) has the subject line: Covid-19 - now airborne, increased community transmission. It even comes from a legitimate CDC email address. But, in fact, all the information has been spoofed so the sender can direct victims to a fake Microsoft login page. Once they’ve entered their email and password, the scammers have control of the email account. This scam looks especially authentic because victims are redirected to the real CDC advice page.

The World Health Organization (WHO) is also being used as a patsy by individuals who want to steal your data. In an email titled “Little measure that saves.”, you are asked to download document detailing how recipients can prevent the disease's spread. "This little measure can save you," they claim. But the attachment infects computers with malicious software that records every keystroke and sends it to the attackers, a tactic that allows them to monitor their victims' every move online.

“Donate here to help the fight.” The fake CDC email asks for donations to develop a vaccine, and requests payments be made in the cryptocurrency Bitcoin. Even our hope is being weaponized.

Alerts from your child’s school

I spent the weekend closely monitoring my email for any information from my son’s day care facility. Some scammers have sent parents emails that suggest their child has been exposed to Coronavirus, and instructs them to click on a link, where they may be asked to enter personal identifying and financial information.

Workplace policy emails

A lot of us our working from home these days, something we may not be used to or our work may not be setup for. So a number of legitimate emails may come from your work place. But in one phishing email targets work emails and appears to come from individuals’ employers. It begins, “All, Due to the coronavirus outbreak, [company name] is actively taking safety precautions by instituting a Communicable Disease Management Policy.” If you click on the fake company policy, you’ll download malicious software.

Coronavirus map

A map of where coronavirus has hit throughout the world purports to come from Johns Hopkins University. Clicking on this downloads malware that steals your credentials.

Health advice

“Click here for a cure.” This message purports to be from a mysterious doctor claiming to have details about a vaccine being covered up by the Chinese and UK governments. Clicking on the attached document will take you to a spoof webpage designed to harvest login details.

Financial scams

Covid-19 tax refund. This scam in the UK involves emails that appear to come from the UK equivalent of the IRS. Clicking on the link to "access your funds now" takes recipients to a fake government webpage, where they are encouraged to input all their financial and tax information. Similar scams are likely to come to the United States soon with tax day on the horizon.

Fake websites

Several fake websites have been flagged by cybersecurity companies and anti-virus testing services. As of March 14th, they include:

• coronavirusstatus[.]space

• coronavirus-map[.]com

• blogcoronacl.canalcero[.]digital

• coronavirus[.]zone

• coronavirus-realtime[.]com

• coronavirus[.]app

• bgvfr.coronavirusaware[.]xyz

• Coronavirusaware[.]xyz

• corona-virus[.]healthcare

• survivecoronavirus[.]org

• vaccine-coronavirus[.]com

• coronavirus[.]cc

• bestcoronavirusprotect[.]tk

• Coronavirusupdate[.]tk

In the coming days, and weeks more of these scams will appear. So we’ve put together 8 tips on how to spot a phishing scam so someone doesn’t steal your personal or financial data. Read more here.