COVID-19 scams: what to look out for and what to do

Since 10 March 2020, the Australian Cyber Security Centre has:

  • Received more than 95 cybercrime reports (approximately two per day) about Australians losing money or personal information to COVID-19 themed scams and online frauds;
  • Responded to 20 cyber security incidents affecting COVID-19 response services and/or major national suppliers in the current climate; and
  • Disrupted over 150 malicious COVID-19 themed websites, with assistance from Australia’s major telecommunications providers, as well as Google and Microsoft.

The sheer number of scams being created to take advantage of the stress and uncertainty of this time is chilling. People’s first instinct in times like these is to use the internet to search for information and updates on how the current situation might affect them and what measures they can take to protect themselves and others.

However, cybercriminals are looking to capitalise on the stress and uncertainty and the increased interest in coronavirus to commit fraud.

There are a few different ways they can do this, and they can often slip under the radar in the midst of the growing noise of information that seems to change every day.

Many companies, both in Australia and across the globe, have been contacting their customers with important updates to their businesses and services. With so many incoming service updates and important reminders, cybercriminals are taking advantage of the influx of coronavirus communications to send out malicious emails designed to steal sensitive information and also to run scams like selling fake equipment and treatment or convincing people to donate to fake organisations.

Normal precautions that might prevent people from clicking on a suspicious link sent in an email labelled ‘important message’ may be overridden by fear that they will miss out on vital information, especially when the email is sent from an official-looking email address.

We’ve listed some of the scams that have been seen in Australia following the COVID-19 outbreak so you know what to look out for, and what to do if you see or receive one.

Novel coronavirus Scams

Charities

Cybercriminals are taking advantage of people’s trusting natures and goodwill by setting up fake charities claiming to be helping people during the novel coronavirus pandemic. While there are real organisations you can make legitimate donations to, many fake websites can be convincing, using copies of real logos and names of organisations to fool people into donating. Alternatively, they may be posing as someone who requires financial assistance, or as a person who is raising money for someone else in need.

The below examples show very basic accounts asking for donations, but you can see they don’t provide very much information about where the money is going, who they are, and who exactly the recipients will be. The purpose of the fundraiser is very generic and is likely to be a scam. They also have a noticeable lack of donations. If fundraisers have been going for a while and no one else is donating money, it’s a good idea to question their authenticity.

How to check if a charity is legitimate:

  • Check the Charities and Not for Profit Commission to see if the charity you are donating to is registered.
  • Research whether the company or person has any scam complaints by searching online for their name and ‘scam’. 
  • See if they have been set up recently or have been around for a long time. Charities that have been set up recently are at higher risk of being fake.
  • If they press for immediate financial assistance, or try to make you feel guilty for not donating, it may be fraudulent.
  • If they ask you to send money via bank transfer, gift cards or cash it may be fraudulent; credit card payments and cheques are generally considered to be safer.
  • If they request the cheque to be made out to their personal bank account rather than the charity, this should raise alarm bells. 
  • If they do not give you a receipt, that can be a red flag that the donation has not been registered officially.

When it comes to assessing whether individuals are accepting donations for legitimate causes, it can be much trickier. Because fundraising platforms can be hosted on social media accounts like Facebook or specific websites set up for fundraising like GoFundMe or Fundly, a lot of the advice for avoiding fake charities doesn’t apply.

Here are some steps to take before donating to an individual claiming to be raising money:

  • Look at the details. 
  • Who is the person asking for the funds?
  • What are they specifically raising the money for?
  • Where is the money going?

If you are in doubt about whether a charity you want to donate to is legitimate, either check the Charities and Not for Profit Commission, or if you want to donate to an individual fundraiser, try to find one that contains as many details as possible about the who, what, when, where and why.

Important messages from big businesses

Over the last few months many Australians have been receiving emails, calls and SMS from fake government agencies, insurance companies, banks, superannuation companies and other big organisations, all providing updates relating to COVID-19. These may be businesses you are a customer or member of, or they could be from a business you’re simply familiar with.

Recently identified scams have been crafted to mimic the communications of companies you have regular contact with, and have been designed to ‘phish’ for your information.

What is phishing? Phishing is one way scammers commit online identity theft. They send out emails and SMS that take you to fraudulent websites designed to steal your personal data or information such as credit card numbers, passwords or other sensitive information. Fraudsters can then use this information to purchase goods using your financial details or commit other kinds of fraud in your name.

Below are some recent examples of COVID-19-related phishing scams that have been circulating in Australia. The scam alerts people to unclaimed subsidies, benefits or other government payments, and the recipient is directed to a fraudulent website. They may be prompted to enter their financial details in order to receive the ‘benefit’ or ‘subsidy’, which then can be used to commit fraud.

Another example directs people to register to be tested for coronavirus and tells them where testing stations are located nearby. Be wary of any email or SMS that asks you to register any of your personal information.

Note: Scammers can easily copy and paste logos and create convincing looking emails to replicate official communications, as seen below.

Members of the public have also reported cold calls from people claiming to be from the government or from their superannuation companies trying to direct them to a different website than usual to access their services.

If you are unsure if the email, call or SMS you have received is legitimate, contact the business on the email or phone number you would usually contact them on, not the ones provided in the email, call or SMS. The business will be able to confirm if they have sent you any correspondence, so you can know whether to trust the information or not.

Below are some red flags that an email or SMS is likely from a fraudster:

  • Generic rather than personal greetings, not addressing you by name
  • The names of organisations do not exist or are misspelled
  • Poor quality spelling and grammar. Lack of spaces after full stops
  • Overly official or formal language
  • Poorer quality presentation, mainly text and a hyperlink to a website.

If you suspect an email, call or SMS you’ve received is fake, do not open any links or provide any personal information, and report it to Scamwatch.

If you have received one of these messages and clicked the link, or you’re concerned your personal or banking details have been compromised, contact your financial institution immediately.

If you have suffered financial loss from cybercrime, report it to ReportCyber: www.cyber.gov.au/report

Freebies or giveaways

Another popular scam circulating at the moment is for fraudsters to send out ‘freebies’ or assistance package messages through emails and SMS, claiming to be from well-known organisations like Woolworths. Particularly at a time when many people are facing financial difficulties, giveaways, freebies and discounts are appealing. Fraudsters take advantage of the stressful time by offering fake giveaways that will actually end up costing you money.

This current scam aims to take people to a fake website where people’s sensitive information can be stolen and used to commit identity theft and fraud.

If you receive an offer like the one above, do some research online to work out whether it is real or not. Visit the official website of the company, not via the link the email or SMS provided, to see if they’ve made an announcement about a giveaway.

Again, if you suspect an email, call or SMS you’ve received is fake, do not open any links or provide any personal information, and report it to Scamwatch.

Domain names

When crises occur, many cybercriminals rush to capitalise on the fear and confusion of the time to register new domain names that are related to the threat at the time. When searching for information online, websites with addresses like ‘coronavirustest.com’ or ‘coronavirushelpfund.com’ might seem to be more official than other websites with no mention of coronavirus. However, there is a high probability that 50% of these websites are actually dangerous and contain malicious content designed to steal your information.

A report in March from cybersecurity company Check Point found that over 4000 new coronavirus-related domains have been registered since January 2020. They also discovered these domain names were 50% more likely to host malicious content than other domains that have been set up in the same time period. Just two weeks later, the number of coronavirus-related domain names rose to 16,000.

It’s important to note that while a website might seem to be legitimate because of its name, it may have been created for the purpose of hosting malicious content designed to steal your sensitive information. Alternatively, it might have been set up to sell bogus goods or services related to coronavirus, or to get you to donate to fake charity organisations.

The below example is a website that provided an up-to-date map of the coronavirus spread around the world. Modelled on the official map by Johns Hopkins University, this map was embedded with a malicious program designed to steal usernames, passwords and credit card numbers saved in people’s browser caches. With the domain name ‘Corona-Virus-Map.com’, people were tricked into believing the information on the website was correct and safe to use.

Links to the website were sent out via email attachments and online advertising.

What to do when searching online:

  • Try to only visit reputable news or government websites for information regarding coronavirus
  • Don’t follow links from any ads, emails or SMS to take you to coronavirus-related news
  • If a website asks you to install something, make sure it is a website you know and trust
  • Be wary of any website offering discounts on coronavirus-related cures or self-testing equipment

Fake testing equipment and treatments

With the huge surge in online shopping, scammers are using this increased web traffic to market all sorts of fake cures and treatments for COVID-19, including self-testing kits. 

These scams can work in one of two ways: either the products you buy won’t work as expected, or they won’t be delivered at all.

Self-testing kits

Although self-test kits are being developed, currently any products marketed directly to consumers as self-testing kits for the virus that causes COVID-19 should raise a red flag. The Home Affairs Minister in Australia, Mr Dutton, has advised that the only approved tests for COVID-19 in Australia are laboratory-based tests or tests that can be used by health professionals at the point of care, such as in hospitals or clinics.

Treatments and cures

Other products are being marketed as treatments to help prevent novel coronavirus or to cure it. People should be wary of any product or treatment that advertises it will prevent or cure coronavirus. According to the World Health Organisation, to date there are no treatments and cures for people to take at home.

These fake treatments could be anything from fake vaccine kits, like the example below, to supplements or prescription drugs.

Masks

Masks are another item in high demand, and cheap ineffective masks are currently being seized by border patrol. If you are trying to purchase masks, make sure you’re purchasing them through trusted and official websites.

Note: If you suspect you may have novel coronavirus, you can call the National Coronavirus Helpline for information and advice about COVID-19 on 1800 020 080.


There is a lot of confusion and misinformation circulating today around coronavirus, and it’s important for Australians to be on their guard when it comes to scams looking to take advantage of these unusual times and circumstances.

If you suspect an email, call or SMS you’ve received is fake, do not open any links or provide any personal information, and report it to Scamwatch.

If you have received one of these messages and clicked the link, or you’re concerned your personal or banking details have been compromised, contact your financial institution immediately.

If you have suffered financial loss from cybercrime, report it to ReportCyber: www.cyber.gov.au/report