COVID 19 Fraud Schemes

Fear and changes create opportunities and, sad to say, COVID 19 is no exception. As a matter of fact, the Federal Bureau of Investigation (FBI) has released several articles covering some of the COVID 19 fraud schemes that are coming to light. We do have to say, that the FBI has also created several tools and articles that we consider useful, informative and their website is easy to navigate. Some of the key fraud schemes they warn us about are:

Fake CDC Emails.  Watch out for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or other organizations claiming to offer information on the virus. Do not click links or open attachments you do not recognize. Fraudsters can use links in emails to deliver malware to your computer to steal personal information or to lock your computer and demand payment. Be wary of websites and apps claiming to track COVID-19 cases worldwide. Criminals are using malicious websites to infect and lock devices until payment is received.

Phishing Emails.  Look out for phishing emails asking you to verify your personal information in order to receive an economic stimulus check from the government. While talk of economic stimulus checks has been in the news cycle, government agencies are not sending unsolicited emails seeking your private information in order to send you money. Phishing emails may also claim to be related to:

  • Charitable contributions
  • General financial relief
  • Airline carrier refunds
  • Fake cures and vaccines
  • Fake testing kits

Counterfeit Treatments or Equipment.  Be cautious of anyone selling products that claim to prevent, treat, diagnose, or cure COVID-19. Be alert to counterfeit products such as sanitizing products and Personal Protective Equipment (PPE), including N95 respirator masks, goggles, full face shields, protective gowns, and gloves. More information on unapproved or counterfeit PPE can be found at You can also find information on the U.S. Food and Drug Administration website,, and the Environmental Protection Agency website, Report counterfeit products at and to the National Intellectual Property Rights Coordination Center at

Zoom-bombing.  This refers to the act where an unauthorized individual hijack a video teleconference. The term comes from Zoom who is a company that offers online meeting platforms but is now applied to any type of teleconference hijacking attempt regardless of the platform used.

Even the Office for Civil Rights (OCR) has jumped into the bandwagon to prevent fraudulent schemes. In OCR’s Alert: Individual Posing as OCR Investigator they posted:

“It has come to OCR’s attention that an individual posing as an OCR Investigator has contacted HIPAA covered entities in an attempt to obtain protected health information (PHI).  The individual identifies themselves on the telephone as an OCR investigator, but does not provide an OCR complaint transaction number or any other verifiable information relating to an OCR investigation.” 

The fact that an emergency has been declared by President Trump and that the Office for Civil Rights (OCR) posted that health care providers will not be subject to penalties for violations of HIPAA is not the same that we don’t have to be alert or security conscious. In fact, the FBI recommendations should sound somewhat familiar as they encompass:

  • Do not open attachments or click links within emails from senders you don’t recognize.
  • Do not provide your username, password, date of birth, social security number, financial data, or other personal information in response to an email or robocall.
  • Always verify the web address of legitimate websites and manually type them into your browser.
  • Check for misspellings or wrong domains within a link (for example, an address that should end in a “.gov” ends in .com” instead).

 As to Zoom Bombings the FBI Recommends

  • Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
  • Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
  • Manage screen sharing options. In Zoom, change screen sharing to “Host-Only.”
  • Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
  • Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.

Last, but just as important, OCR’s recommendations regarding OCR impersonators are:

  • HIPAA covered entities and business associates should alert their workforce members and can take action to verify that someone is an OCR investigator by asking for the investigator’s email address, which will end in @gov, and asking for a confirming email from the OCR investigator’s hhs.govemail address. 
  • Suspected incidents of individuals posing as federal law enforcement should be reported to the Federal Bureau of Investigation (FBI).  The FBI issued a public service announcement about COVID-19 fraud schemes at

From our part we recommend everyone to remember the basics of cybersecurity, be alert and to report suspicious activity, by visiting the FBI’s Internet Crime Complaint Center at