Malicious coronavirus-themed emails are lucrative for crooks, FBI warns

In a public service announcement and a separate, broader bulletin, the bureau says the problem is real, and the losses to businesses and other organizations are "significant."
coronavirus, pandemic, COVID-19, fraud, scam, email, phishing
(Getty Images)

If you’re not already skeptical of emails asking for money in response to the coronavirus pandemic, the FBI wants you to remember this: It’s a common scam these days. And it works.

The bureau has issued multiple warnings highlighting how crooks are updating a profitable fraud technique to capitalize on pandemic concerns.

A news release issued Monday notes that business email compromise (BEC) attacks — scams in which the perpetrators pose as co-workers or friends, then ask for money — have targeted U.S. municipalities that are trying to purchase supplies to mitigate the COVID-19 pandemic.

The warning coincided with a bulletin Monday noting that U.S. businesses have reported $2.1 billion in losses from BEC scams between January 2014 and October last year carried out through just two email services, which the bureau did not identify by name.


Business email compromise was the most profitable form of cybercrime in the U.S. last year, with victims reporting $1.7 billion in losses, according to bureau figures.

BEC scammers use a variety of techniques to carry out their attacks. One method uses bogus sender addresses that appear strikingly similar to legitimate ones, perhaps substituting one letter for a numeral that looks almost identical (such as replacing an “l” with a “1”). In other cases, hackers will steal a victims’ username and password to enter their mailbox, then impersonate the victim to ask trusted associates for payment, then quickly delete those messages to avoid detection.

“Using the information gathered from compromised accounts, cybercriminals impersonate email communications between compromised businesses and third parties, such as vendors or customers, to request pending or future payments be redirected to fraudulent bank accounts,” said the FBI’s public service announcement.

The bureau cited two cases in which attackers deployed coronavirus-themed emails to boost their fraud efforts.

In one case, a financial institution received an email from the CEO of a company already scheduled to receive $1 million. The fraudster, posing as the CEO, asked that the transfer date be made sooner “due to the Coronavirus outbreak and quarantine processes and precautions.”


The other attempt occurred when a bank received an invoice, apparently from a customer in China, asking to redirect funds to a different bank due to “Corona Virus audits.” The victimized bank sent multiple wire transfers to the new bank “for a significant loss” before catching the scam.

The FBI urged users to watch for emails urging recipients to rush to make wire transfers, any last minute changes in wiring instructions, messages outside typical communication channels, requests from employees to change direct deposit information and sudden requests for advanced payments.

The bureau’s warnings follow a steady stream of notices about staying vigilant during the pandemic. In mid-March, Attorney General William Barr said the FBI and Department of Justice would focus on rooting out coronavirus-related scams. Cybersecurity researchers have issued multiple reports about global hacking campaigns and targeted operations that preyed upon fears of the virus.

The increase in coronavirus-related scams has led one anti-phishing company, Cofense, to say it was ethically questionable to use content related to the pandemic when testing clients.

Latest Podcasts