Online Banking Fraud Blog

COVID-19 is creating a boom in internet fraud, but why?

Written by Mateusz Chrobok | Jun 3, 2020

Crooks never take a break – they’re always keen to commit crimes, keeping their eyes out for new opportunities and ways to swindle people. And this is exactly what we’ve been seeing over recent weeks, with the COVID-19 health crisis creating a proliferation of online fraud attacks.

It’s not the first time that hacking activities have been tailored to exploit matters of public concern. Natural disasters, election campaigns and even social events are all used by cyber criminals to help them get what they want.

The problem is that not only are these situations exploited by “professional” or established cyber criminals, they also attract “normal” people who, when placed under pressure  (according to Cressey’s theory, which we talk about in another post), can take advantage of the opportunity to start commiting fraud.

It’s important to bear this in mind, because this crisis will generate a good deal of unemployment and some preople may be pushed by their personal circumstances to seek to generate income through fraude.

How are cybercriminals taking advantage of the health crisis?

Since the start of the pandemic, we’ve been overwhelmed with online messages, information, data and news on the virus and its effects.

We’re not good at handling uncertainty; we’re hardwired to predict and foresee outcomes – it’s what has kept our species alive.

This need to wipe out uncertainty is what has led to such a deluge of information, and this is what has attracted the attention of online fraudsters.

Phishing and smishing campaigns have spread like wildfire over recent weeks, even faster than the virus itself. So much so that we now talk about Corona-phishing or Corona-smishing.

Fraudulent emails that impersonate healthcare organisations such as the WHO are being used as bait to steal personal and banking data and even to deliver payloads of malware into the recipient’s system. Another widespread scam is calls for donations for healthcare professionals via SMS.

Who wouldn’t want to send a simple SMS to help the heroes putting their lives at risk on the front line?


We’re also seeing the appearance of internet fraud attacks that use WhatsApp to spread viral messages offering advice to stop the virus, information being concealed by the authorities, or first-hand accounts from people who have caught the virus.

These messages usually contain malicious links or ask us to make a financial donation.

In these uncertain times, messages which under normal circumstances would quickly fizzle out are going viral in a matter of hours. Who would just sit on this information rather than sending it to their contacts and loved ones?

In a world of people stuck at home, online sales are a foregone conclusion, something which has also offered new opportunities for hackers.

Online transactions and purchases and are booming, not only for essential goods but also for entertainment products and services to relieve the boredom of social isolation.

The crisis has also created a particular need for certain healthcare products such as masks, hand gels, products to boost the immune system and even drugs that are purported to cure COVID-19.


There is a shortage of these products and a mushrooming demand, with the upshot that online fraudsters are creating websites to sell worried citizens supposed miracle products that never arrive.

Actual and mid-term frauds

But of course, who wouldn’t shell out for a product that could save their life and the lives of their loved ones? 

As we mentioned before, online entertainment to relieve the tedium of lockdown is also a growth area, with online subscription video platforms enjoying a rise in sales over recent weeks.

On the back of this, free content, unlimited book downloads and streaming services where you can download your favourite series are also good bait for stealing data or delivering malware payloads.

In this situation more than ever, if something is free, then the product is you. This is how cybercriminals think, and they’re always a step ahead. Predicting your needs before you’re aware of them is how they survive.

Coronavirus, COVID-19 – these are the names of file or document attachments that you can’t resist clicking on, but which, apart from supposed instructions or warnings on how to protect ourselves form the virus, conceal ransomware which is downloaded to infect our device.

This is the cybercriminal context that we’ve been seeing recently, although it’s certain to change and evolve in step with the crisis.

  • Emails from government agencies requesting data so you can access grants to help the economy recover
  • Supposed offers of employment for people who have lost their jobs
  • Gift vouchers from companies, or official notifications from healthcare authorities about being tested...

These are just some examples of the bait being created by online attackers.

We’ve already talked about how humans hate uncertainty, how we’re designed to predict events in order to survive. This survival is related to a very fundamental decision-making mechanism that explains our behaviour and why we fall for this type of fraud. Like any other animal, we seek rewards and try to avoid punishments.

In simple terms, we search for what will allow us to live, from food to a vaccine that can cure us. On the other hand, we’re afraid of and run from anything that could cause us harm, be it a predator in the jungle that might eat us or a disease that could strike us down.

We might appear very sophisticated and complex, but all of our behaviour boils down to the search for comfort and avoidance of harm; attraction and fear; advance or retreat. These are the only two directions on the lever that guides our behaviour.


Cyber fraudsters know this and take advantage of it – all they have to do is push the level one way or another and we fall into the trap. When we’re afraid, as we are now during the crisis, which could eventually kill us, we don’t use the rational part of our brain.

Taking advantage of the nature of human survival

In moments of danger we need to take action to survive, and so we let our reptilian brain take over. This part of the brain lets us take quick decisions and run from danger without wasting time on too many rational debates.

It’s purely emotional and reactive – if we’re walking through the jungle when we hear a noise, our reptilian brain tells us to run. It doesn’t stop to ask whether it’s a predator, a falling branch or a harmless animal, we run first and think later when we’re out of harm’s way.

This is the situation we’re in at the moment. However highly evolved we might think we are, this crisis represents a significant danger of dying, and this activates our survival mechanisms, putting us on alert and pumping us up ready to run.

This happens especially at the beginning of a crisis, before we adapt and get used to it, as we’re unable to cope with conditions of fear and stress for too long. When we hear the same noise several times while we walk through the jungle, we get used to it and stop running off, unless it comes together with another threatening stimulus.

In this situation of fear, stress and uncertainty we stop being so rational and act more impulsively, making us easier victims for fraudsters.

We need masks to protect ourselves and they’re running out, so we stock up without checking whether the online store is actually kosher.

All the types of internet fraud we’ve talked about try to offer us a reward or save us from some kind of danger. But what about scams that involve supposed donations to healthcare workers or organisations? These don’t fit into the theory, because they’re not based on an individualistic question of reward/danger.

They could even go against this theory, as we lose a reward (money) and give it to other people who we don’t even know. But this reasoning is in fact erroneous. When we talk about survival, we don’t only mean individual survival, but also the survival of the species.

And this last factor is what is hardwired into our genes. If not, why would we risk our lives for our children without thinking twice? Human beings are social animals. We need other people to survive, and that’s why we crave social acceptance.

When we donate money to healthcare professionals, we do so because they help us to survive, because any decent person would do the same, and we want other people to see us as decent. When faced with a threat, we need to trust our tribe, our group, and personal benefit can take second place. Altruism is a human trait that places the common good before personal benefit.

The group provides us with a feeling of safety, but this is also related to trust and the herding instinct, aspects which fraudsters use as tools to get us to offer our data to strangers or resend messages just like everyone else. Fraudsters take advantage of the fact that we’re in “altruistic mode” to scam us.

Just because we’re social animals doesn’t mean that we’re always social, as we see when criminals break the social rules in search of individual benefit.

To understand fraud and internet fraud, we need to know what makes us human, what moves us, what motivates us and what we’re influenced by.

And it’s precisely this knowledge that fraudsters use, even if they don’t know how to define it and they’ve never studied psychology. They know that we’re interested in current affairs and trending topics, but if these topics are also characterised by uncertainty and fear, then we have a perfect storm for committing fraud.

The saying “there’s good fishing in troubled waters” could be changed to “good phishing in troubled times”.

Another of the many lessons this crisis will teach us is that the virtual world is going to become just another part of our everyday reality. We will no longer talk about the real and virtual worlds – the latter will be considered as a new sphere for sharing experiences and even a safe space from analogue threats.

And what do you think the fraudsters will do? Stay a step ahead and consolidate internet fraud as the new area for development.

Once again, those of us in charge of cybersecurity need to stay constantly alert to match the watchfulness of cybercriminals. We need to pay attention and make sure the ball is in our court, so that next time the hunter becomes the hunted.