The CFO'S Perspective

Financial Scam Checklist During COVID-19 (for business or working from home)

Your most Important Tip: If you receive an email asking you to wire money or send gift cards, assume it is a fraud – every time. CALL the sender to confirm, at a number you know is correct.

We are seeing, and hearing about, an increasing number of online scams and other negative internet-based activity related to COVID-19 and the mass exodus from company offices to home offices.  

As thousands of information workers recreate office processes and routines to work in an online-only world, the scammers, spammers, information manipulators, and meeting hijackers have been busy as well.


Here are some things to look out for:

  1. Targeted emails can take advantage of the changes in some of your usual processes.
    • These emails can look legitimate and be “signed” by people in authority at a company and directed to their teams, but their goal is to make money for the actual senders through ID theft, account takeover, or wire fraud.
    • Larry Numata shared a true story in an article: The CEO Email Fraud.

  2. Payments fraud – Which can include fake PPP-related sites, or fake websites soliciting donations for pandemic-related causes. That’s one of the reasons we shared PPP resources here.

  3. Medical Fraud – You might get calls and emails impersonating a medical facility and demanding payment for ill family members.
    • Your family members can be sourced through your social media accounts and appear 100% legitimate. Be sure to check the privacy setting on all your social media accounts to minimize what is available.

  4. Investment scams – There have been offers to people to invest in fake virus treatments, prevention, etc.  You might be surprised at who will sell you on the idea that they have the cure.
    • “Not only did I create the cure, but this pill right here is the prevention,” Middlebrook said in a video posted to Instagram. Keith Lawrence Middlebrook, 52, has been charged with 11 counts of wire fraud stemming from alleged solicitations he made to potential investors in Nevada, New York, Texas, and Colorado.
  5. Zoom-bombing  – Unauthorized entry into meetings, including heckling and display of unwanted material. There are settings in Zoom to ensure privacy.

  6. Social media misinformation campaigns. If this feels foreign to you and unrealistic, read this article on the Washington Post.

Here are additional protective strategies to help you stay safe.

  1. As mentioned earlier, always verify unusual email requests or emails and calls asking for money with a phone call to a known, trusted number.
  2. Never send private business (or personal) information in response to an unexpected email. This includes social media requests, games, and other innocent looking requests. “What city were you born in?” for a personality test should be avoided.

  3. Donate to charities you know and check the domain names before donating online. (Even then, websites can be created in a day and look very professional.) You might find the IRS tax exempt organization search helpful. 
    • And be wary if you get a call following up on a donation pledge that you do not remember making – it could be a scam.

  4. Double-check amazing offers and sensational information with other sources.
  1. Use passwords and/or waiting rooms to protect online meetings.

  2. Keep your anti-virus software active and set it to update continuously so it recognizes new viruses. If you need assistance with comparing anti-virus software, If you need assistance with comparing anti-virus software, ranks them based on users’ feedback.
  3. Most security breaches involve email. If you are in IT, consider purchasing a subscription to add-on anti-spam/virus software at the server level. The cost of the service is almost certainly minor compared to the cost of a single attack of ransomware, or a single incidence of wire fraud.

  4. For additional examples and strategies to fight COVID-19 scams, see the Federal Trade Commission’s site  HERE.

This video from KGW8 offers new perspectives and a reminder about the new world we live in:

Where to report potential scams

If your credit, bank account information or other finances have been compromised in a scam, be sure to report the situation to your financial institution or lender as soon as possible. 

The Federal Trade Commission (FTC) is the main government agency that collects scam reports for the U.S. If you suspect you have fallen victim to a scam, you can report it HERE.

While the FTC does attempt to find and stop scammers, the unfortunate truth is that much of the time, money is not recovered – the best defense is protective software, and an abundance of caution.


If you're not sure about how to get started with an effective risk management program, or whether you have these risks covered, call us today for a risk assessment.

A financial risk assessment can make all the difference for your business. Preparing to take advantage of opportunities and eliminate potential landmines makes good business sense.

Get instant access to our free finance and accounting risk assessment!


Contact CFO Selections® now with any questions about our services.


About the Author

Charlotte-Morin-1Charlotte Morin is the business manager for CFO Selections, handling accounting, and IT. She brings a unique combination of skills in accounting, writing, organization, process development, and technology to the CFO Selections team.


She joined the company in 2008, following six years as co-owner and controller of an e-commerce company, eleven years as a systems analyst, and three years working to build an internet company from the ground up.

Related posts

Topics: Fraud, Security, Risk Management, COVID-19

Topics: Fraud Security Risk Management COVID-19