Impersonation Scams on the Rise During COVID-19

  • Hackers were found locking the victim's computers before they attempt to start Windows and then blaming the infection on reputed researchers.
  • Besides following guidelines, businesses must look for reliable threat intel partners to inform them on threats propagating in the market 

In the past, cybercriminals have taken advantage of major global events. This time the whole world is fighting the same crisis—COVID-19. UK investigators have so far reported over 500 coronavirus-related scams and over 2,000 phishing attempts by cyber crooks seeking to exploit fears over the pandemic. 

Scammers, in these times, also use a popular phishing tactic called impersonation scams that imitates a legitimate business, charity, or well-known individuals. Recently, there was a new incident, a prank to be precise, that occurred during the last weekend.

Here’s what happened

Researchers discovered a new wiper malware impersonating security researchers, mostly to defame them.

  • Hackers were found locking the victim's computers before they attempt to start Windows and then blaming the infection on reputed researchers.
  • The scam is targeting users who are downloading and installing free software from unverified sources and crack sites.
  • Security experts say, if this wiper is using the same MBRLocker builder, the recovery is possible and the user can get back the control of their systems.

However, there have been more serious coronavirus-related impersonation scams that disrupted the ongoing effort everyone is making to battle the current situation.

Other COVID-19-related impersonation scams list


  • Scammers siphoned off more than $110,000 in a new COVID-19 related ruse, where the callers impersonate the Ministry of Health (MOH, Singapore) staff telling the victim that the China officials had seized parcels—registered under the victims' names—containing contraband medicine to treat the coronavirus.
  • An actor group used fake emails infected with bitcoin ransomware or credentials stealing malware impersonating NHS workers, usually to get COVID-19 crypto donations or leading to the blocking of clinical systems.
  • Scammers sent text messages to people for giving away or selling masks on the behalf of the Red Cross. When the victim clicks on the provided link, they are usually asked to pay a “delivery fee” for the items as well as input their credit card information, which is stolen by the scammers.
  • Scammers were spotted impersonating President Donald Trump and the White House in phishing emails designed to lure targets into downloading malware on their systems. One of the emails titled "The White House Instruction for coronavirus." was supposedly from someone in the White House named Valentina Robinson.
  • In yet another format, threat actors used a fake E-book titled “My Health E-book,” from WHO, as a bait. The book claimed to offer complete research on the global pandemic, as well as guidance on how to protect children and businesses.
  • Hacker used a convincing email letter format from the Centers for Disease Control and Prevention, urging recipients to donate Bitcoin to fund coronavirus vaccine research. They used a fake domain, cdc-gov.org for users not paying the right attention. However, the CDC’s real domain is cdc.gov.

Meanwhile, in one of the bizarre scam claims, burglars posed as Red Cross and NHS workers testing for coronavirus to gain access to people’s homes.

How to protect against such scams?

There are multiple security guidelines released by various organizations to assist businesses and individuals during the COVID-19 outbreak. But, here are the two top ways to prevent yourself from falling into an impersonating email trap:

Attentiveness is the key: Watch closely to spot wrong addresses, misspelled URLs, domains with misleading labels. Check authentic sources for any advisory or announcement by the government bodies. Learn more about tips for avoiding phishing emails.
Besides following guidelines, businesses must look for reliable threat intel partners to inform them of threats propagating in the market and whether they could be targeted or not.

Additional official resources


  • COVID-19 in the United States (CDC)
  • COVID-19 in the United Kingdom (NHS)
  • COVID-19 advisory information (WHO)
  • COVID-19 Q&A (WHO)
  • COVID-19 overview (WHO)