Types of COVID-19 Scams to Watch Out For

Types of COVID-19 Scams to Watch Out For

Cybercriminals are using the COVID-19 pandemic situation of fear and confusion to their advantage. Scamwatch has reported over 5170 scams with over $6,280,000 amount lost since the outbreak of COVID-19 (coronavirus). It is, therefore, essential to be aware of scams that are out there and how to avoid them. Codesquad’s cybersecurity team in Perth will help you understand what the different types of COVID-19 scams are and how to protect against them.

Different Types of COVID-19 Scams

Phishing Emails

Scammers use malicious emails that are disguised as legitimate to lure people and gain sensitive information or make them do potentially dangerous action.

Scammers have used the current COVID-19 situation to their advantage by preying on vulnerable people seeking health advice. Many have reported receiving emails from scammers posing as the World Health Organization and promising medical advice. In this case, the victim is taken to a realistic-looking WHO website to input their confidential data in exchange for advice.

There is also spear phishing where scammers make a targeted attack on an investigated person or institution. For example, the scammers impersonate as your close family member and requests you to transfer money right away for a medical emergency.

To know more, read our blog on different types of email phishing.


Smishing scams are similar to phishing, but executed through text messages or SMS. In this case, scammers impersonate themselves as health authorities like the World Health Organisation to lure people into giving away sensitive information or urging them to click on malicious links or attachments.

Some examples of coronavirus-related email and SMS scams involve:

  • Investment schemes and trading information
  • Delivery failure or delay due to COVID-19
  • Fake lockdown fines
  • Fake council tax reductions
  • Misinformation regarding the pandemic
  • Information on social distancing at your local bank


Vishing is similar to phishing–but here scammers deceive people over the phone. Make sure that you don’t hand over any personal details, login details or financial information to anyone over the phone except when you have confirmed their identity.


Pretexting involves scammers misleading you about who they are. They pretend to be a member of reputable organisations, like government agencies or research firms, asking you for personal information like your Social Security number or bank card numbers. Ensure you can confirm identity before giving away any information.

Door-to-door scams

Door-to-door scams usually target elderly or vulnerable people. But the number of reported scams have shown an increase since the COVID-19 outbreak. Scammers impersonate as healthcare professionals and try to sell you health products. It’s essential not to buy anything from a stranger or let anybody into your home unless you can confirm their identity.

How to Protect Against COVID-19 Scams

Use separate passwords and enable MFA where available.

Set different passwords for each of your accounts. You can utilise a random password generator and a password manager to strengthen the passwords and store them securely. This way, you can make it highly difficult for fraudsters to gain access to your various accounts.

Many accounts now offer the option to set up multi-factor authenticator (MFA). MFA will provide multiple security layers in addition to the basic username and password. Even if the hackers can get access to those credentials, there are still barriers protecting your data. The MFA methods include providing a PIN or text message or a biometric identifier.

Restrict the information you share online

Scammers track targets’ information shared on social media and other online platforms. They use this information to either take over the identity or use it to convince you that they are someone familiar.

Restrict the information you post online. Post only that information that is safe to be published.

Avoid sharing too much personal information that hackers can utilise against you. It is important to share if you have been affected by COVID-19. But be on guard if you are contacted by people claiming to authorities from legitimate organisations.  Also, update your privacy settings on social platforms to restrict access to keep your information safe from scammers.

Keep yourself informed

Follow the government guidelines on health safety as well as IT security. Keep yourself regularly updated about scams and protection techniques. Employ Cybersecurity awareness training for your staff. Since the staff are your first line of defence, it’s important to educate staff on the different types of scams, what to look out for and what they need to do if they think they’re being scammed.

Read our blog on cybersecurity training.

These are the most common types of COVID-19 or coronavirus scams that you need to be wary of. Businesses need to conduct security awareness training and implement cybersecurity measures to stay protected from such scams and dangers. The consequences of a security incident can be severe for businesses to recover from. Being cautious is the only way to protect your business from dangers.

Need to know more about different types of COVID-19 scams or other cybersecurity-related queries? Our Cybersecurity experts are 24/7 available to assist you. Contact us or email at cybersecurity@computingaustralia.group, to make your business stay safe and secure from cyber threats.

Computing Australia is a member of The Computing Australia Group of Companies.

Jargon Buster

Multi-Factor Authentication (MFA) – A security process that requires multiple authentications from independent sources to verify your identity before you can access confidential data.

Password Manager – A computer program that enables users to store, generate, and manage their passwords for online services.

Random Password Generator – A software program or hardware device which automatically generates passwords that are strong and unpredictable.