Javascript is not enabled.

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again.

Skip to content
Content starts here


Leaving Website

You are now leaving and going to a website that is not operated by AARP. A different privacy policy and terms of service will apply.

Secret Service Warns: Cybercriminals Exploiting Coronavirus Fears

Scams spread in U.S. as outbreak sweeps the globe

spinner image Malware, computer scam concept
Andrew Bookes / Getty Images

The U.S. Secret Service is warning that cybercriminals are trying to steal from people using several scams tied to the coronavirus pandemic.

"As more and more people have tested positive for coronavirus, we've seen an increase in the number of scams that are occurring,” says Special Agent Chris McMahon, who spoke to AARP in an interview on Monday.

spinner image Image Alt Attribute

AARP Membership— $12 for your first year when you sign up for Automatic Renewal

Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.

Join Now

McMahon, who is with the agency's Global Investigative Operations Center, says overseas partners including Interpol and Europol alerted law enforcement here to these schemes, which, like the virus itself, have seeped into the U.S. The Washington-based center combats cyber-enabled financial crime.

There are different coronavirus swindles, he warns, adding that there are fundamental ways consumers can protect themselves from losing cash or divulging sensitive personal data.

"You always want to be vigilant,” McMahon says.

As more and more people telework, they're relying increasingly on email, so additional scams are forecast, the Secret Service says, urging extra caution.

One sickness, many sick scams

The Secret Service gave AARP a PowerPoint presentation covering a variety of schemes that pose a threat. In the presentation was an email with the words “Wuhan Viral Advisory,” which offered “promising treatments.” Currently, there is no vaccine or cure for the coronavirus.

spinner image An example of a coronavirus phishing scam via email
An example of an email phishing scam prompting recipients to download information about preventing the spread of coronavirus.
U.S. Secret Service

Another con was delivered via to an email that contains “-gov” at the end of the address. That's easily confused with the “.gov” from a bona fide government agency. The email says “Preventive measures against corona virus” in the subject line. The body of the message touts “safety measures” to prevent the virus's spread and urges recipients to download a document. But if you follow instructions and download it, you'll see a Microsoft logo and be directed to “Enter password."

"This is derived and driven from people's fear — people are fearful of coronavirus. People are looking for information to protect themselves,” says McMahon, who probes large-scale transnational crime groups.

The goal? McMahon says “credential harvesting” may be happening. That's when a bad actor gets your log-on and password and uses it for financial gain or to obtain access to the people and emails in your contact list.

Or, he suggests, it could be a way for the crook to infect your computer with malware (malicious software). Malware can allow a scammer to access your computer, where you may have sensitive information — such as access to online banking — stored.

See more Health & Wellness offers >

Yet another trick is to secretly install a “key logger,” enabling the cyber-thief to see the keys you're typing. Say you enter a password and only asterisks appear on your screen. According to McMahon, the key logger lets the fraudster see the actual letters you've typed.

"Fraudsters will take any and every opportunity that's afforded them for financial gain."

— Chris McMahon, U.S. Secret Service, special agent.

Crooks are opportunists

That criminals try to capitalize on a global pandemic does not surprise the agent, who assails them as “opportunists."

Other kinds of coronavirus scams involve con artists:

In the last example, McMahon notes that a huckster was claiming to have 10,000 face masks — ready for shipping — for $5,000. “We can prepare the shipment today against tomorrow morning as soon as payment is done,” the message continued. Take note of the awkward phrasing — “against tomorrow” — which should raise a red flag about the email's legitimacy.

As the agent urges, it's time for people to be “cognizant of their cyber-posture."

Stay cyber-safe

Here's more Secret Service guidance on staying safe.

  • Beware of phishing emails. Typically, these purport to be from reputable companies but are designed to induce people to reveal personal information, such as passwords and credit card numbers.
  • Avoid opening attachments and clicking links within emails from senders you do not recognize. The attachments can contain malicious content, such as ransomware, that can infect your device and steal your information.
  • Be leery of emails or phone calls requesting account information or asking you to verify your account. Legitimate businesses never call or email you directly for this information.
  • Always independently verify that requests for information originate from a legitimate source.
  • Visit websites by inputting the domain name yourself. Businesses use encryption and other online safety measures, and messages that indicate a certificate “error” can be a warning sign that something is not right with the site.

Discover AARP Members Only Access

Join AARP to Continue

Already a Member?