1. Human Resources
  2. Tools and Samples

Coronavirus Scams

Learn about how scammers are using COVID-19 to scam small businesses.
By Garth Coulson, Updated Mar 7, 2023
Red letter with a hand indicating "stop."

As if times were not trying enough, small business owners are now being warned that COVID-19-related scams are on the rise. The Office of Inspector General, the independent body responsible for providing objective oversight of the Small Business Administration, said in March that small businesses are being targeted through grant fraud, loan fraud, and phishing. Some estimate fraud to reach $20 billion from SBA-backed programs.

According to researchers at cybersecurity firm Barracuda, 9,116 COVID-19-related phishing attacks have been detected. In January, a total of 137 were detected, and by the end of February, that number leaped to a total of 1,188 coronavirus-related spear-phishing attacks.

How the Coronavirus SBA Scam Works:

The Better Business Bureau has received a number of reports of COVID-19 scams. They all work in a similar way.

  1. You receive an email, text, or call.
  2. You are told you've been contacted by an SBA representative or an attorney for the SBA.
  3. You're requested to fill in a short, simple form.
  4. You submit the form.
  5. You are approved for your loan.
  6. You are asked to pay a processing fee.

Example:

One of these COVID-19 Scam reports said that someone was contacted via text message, with the simple text: "2020 Emergency Fund: please reply GO."

SBA Application Number Email:

Researchers at IBM X-Force recently detected an attack similar to the SBA loan scam mentioned above.

  1. The recipient gets an email from the SBA.
  2. They are given an application number which can be used to access a “small business disaster assistance grant.”
  3. They are prompted to sign an attached document. The document "authorizes" a request for a tax return transcript.
  4. They are told to upload the document on the SBA’s website.

By clicking on the attachment, a type of remote access trojan malware is installed on the recipient's computer.

Fake Centers for Disease Control and Prevention Emails:

Along with phishing scams like the SBA scam, the FBI has also warned people against a fake CDC email scam.

If you get an email from the CDC offering more information on the virus, do not click links or open any attachments. These scams are being used to install malware on your computer. The FBI has also warned people against websites and apps that "track COVID-19 cases worldwide." These are also being used to install malware. Malware can be used to steal personal information or to lock a computer and demand money to unlock it.

Scam

Description

Online testing

People receive an SMS text message informing recipients that they need to take a mandatory COVID-19 test. To take the test, the recipients are asked to click on a link.

Infected

An email informs you that one of your friends, family, or colleagues has the virus and you may be at risk. The email instructs you to download and print an Excel spreadsheet to fill out. When you open the attachment you are prompted to enable the content. This final step allows a trojan downloader to install.

How to Avoid Coronavirus Scams:

  1. Don’t respond to texts, emails, or calls about checks from the government.

  2. Ignore online offers for vaccinations and home test kits.

  3. Hang up on robocalls.

  4. Watch for emails claiming to be from the CDC, WHO, or SBA.

  5. Do your homework when it comes to donations.

  6. Don't click on attachments or links you don't recognize.

  7. Look for a website that ends in .gov or .ca. These are safe.

  8. Do a quick internet search when you're unsure.

  9. Be wary of messages to you through social media.

FAQs:

Should I respond to emails, texts, or calls from government agencies about COVID?

According to the FTC, no. These are likely people trying to get personal info or finding ways to have aid checks redirected.

Are online coronavirus vaccine offers legit?

No. At this time there is no known vaccine for COVID-19. Online offers of vaccines are likely related to fraud.

Are home test kits for coronavirus legit?

No. At this time there is no test kit, and the FTC has warned that these offers are a scam.

Related Articles:

What To Do If You Are Laid Off

A complete step-by-step guide on what to do if you have been laid off.

What is a Nonessential Worker?

Classifying nonessential workers, their responsibilities, and state requirements.

What is an Essential Worker?

Classifying essential workers, their responsibilities, and state requirements.

Layoff Letter Due to COVID-19 (Coronavirus)

Read about the structure of a layoff letter due to COVID-19 with a free downloadable template for employers.

Salary Reduction Letter

Includes a free downloadable template of a salary reduction letter for employers.