The New York Police Department (NYPD) is looking into online scams that involve threatening to infect an individual’s family with COVID-19 if they refuse to pay those targeting them, The Daily Beast reported Wednesday.
The scam, part of the tidal wave of malicious cyber activity during the coronavirus pandemic, involves the cyber criminals using phishing emails to play on fears of the virus to pressure individuals to give them money or cryptocurrency.
The Daily Beast reviewed a sensitive NYPD document dated April 20 that warned that “threat actors around the world have flooded the internet with COVID-19 themed phishing scams in attempts to capitalize on fears of the virus for financial gain.”
The NYPD did not immediately respond to The Hill’s request for comment on the report.
John Miller, the NYPD’s deputy commissioner of intelligence and counterterrorism, told The Daily Beast in a statement that “the commercial scams, trying to defraud institutions out of hundreds of thousands of dollars, are complex and layered. These are of great concern because of the amounts of money involved and the fact that the person who pays needs these supplies to protect patients or customers.”
Miller said the scam had been “less successful” because it was “far-fetched,” but he warned that only a few needed to fall for the scam for the cyber criminals to make a profit.
“The bad guys buy the names and passwords in bulk from the dark web, so if you send out 300,000 of these emails you only need a few people to fall for it to make a nice profit for very little investment,” Miller said.
The scam is part of an overall trend in attempted online scams, with malicious groups using the COVID-19 crisis to prey on individuals at a higher rate.
Google announced earlier this month that it had tracked more than 18 million malware and phishing emails related to the the coronavirus pandemic per day, in addition to about 240 million daily coronavirus-themed spam emails.
Scams have particularly targeted vulnerable hospitals seen as more likely to pay hackers, along with impersonating government websites in order to target stimulus checks and small business loans sent out by the federal government.