Skip to Main Content

A look at recent Corona scams: spam, phone scams and fake websites

With people staying at home – it’s a tough time for run-of-the-mill burglars. Cybercriminals, on the other hand, smell business opportunity. We’ve recently written about the use of COVID-19 in phishing campaigns. Here is a look at other campaigns, including spam, phone scams, and fake websites.

Corona spam

Due to the high demand, the number of fake emails that advertise supposedly available respirators is increasing. Below is an example from Germany, where the subject line can loosely be translated as: “Protect yourself with this breathing mask – we still have some in stock!” Such emails usually link to professionally designed online shops, which are geared towards siphoning off private data or ripping people off.

Corona rip off: Beware of such fake shops.


Phone scams

Criminals call and pretend to be bank employees. To do this, the displayed telephone number is falsified so that the telephone number displayed is that of the local bank. Allegedly, so the caller alleges, your ability to carry out online banking expired. They say that the usual fix would be to come to your local branch, but because of the virus, they enable you to fix this online from your PC. The mark is then encouraged to log into their online banking account. “As a check”, the caller has a TAN code sent to the mark, which confirms that online banking is now working properly again. At this point, many victims do not notice that the TAN message triggers a wire transfer. This is often done in foreign accounts, so the money is lost forever.

Important: Your bank would never make such calls or ask you for personal data, TANs or passwords on the phone – this is clearly a corona scam. If you would like additional protection from telephone scams, we recommend the service provided by YouMail.

Fake websites

Cyber ​​criminals also rely on people’s increased need for information. For example, we’ve seen at Avira an exponential increase in registrations of domain names with keywords such as “corona” or “covid”. In addition to being used for serious information, cybercriminals access and misuse the website for criminal activities. For example, they offer contaminated files to be downloaded, through which they obtain personal data or gain access to devices and the network. Threat researchers at Avira have already discovered various documents (PDF, MP4, and Docx) that have names related to the spread of the corona virus that carry pests Trojans and ransomware. Cybercriminals are also happy to falsify institutions, for example to apply for emergency aid. They then misuse the fraudulently obtained data for illegal activities. For example, the website of the US medical research institute Johns Hopkins University, which displays the number of people infected worldwide, has already been falsified.

Important: spot phishing emails. This video will help.

Please accept personalization cookies to watch this video.

Video created during a webinar with the Protection Labs | by Amr Elkhawas

These were just a few examples relating to corona scams, which show how unscrupulous cybercriminals leverage the pandemic and resulting fear. And will continue to do so. So stay alert and careful, both offline and online.


This post is also available in: German

Avira logo

Protection yourself from phishing scams with Avira