As the COVID-19 pandemic continues, scammers are seeking to capitalise on public fear and uncertainty, requiring brand owners to be ever vigilant in monitoring and protecting their intellectual property.

Common COVID-19 scams

Many of the early pandemic-themed scams related to 'phishing' – a tactic involving the use of websites, emails, text messages or other links that appear innocent but lead to bogus products and services or contain malware designed to harvest private data and information. The messages often use well-known brand names (or iterations thereof) to give a false impression of reputability by cloning websites, mimicking names and logos and registering domain-name variations.

Multiple instances of phishing have been identified during the current crisis. For example, scammers have used the trademarks and domains of the World Health Organisation and the US Centres for Disease Control and Prevention (CDC) – organisations leading the effort to combat the spread of COVID-19 – to trick users into clicking links or downloading apps that infect devices with malware. The links appear legitimate and coincide with a request for immediate action. For instance, in an email that appeared to be from the CDC (signed "CDC-INFO National Contact Centre"), a scammer sent a purported link to information about new COVID-19 cases in a recipient's hometown, which appeared to be an actual CDC web address. Some phishing campaigns also rely on COVID-19-based domains to infect unsuspecting users with malware.

In other instances of phishing which have arisen during the COVID-19 outbreak, scammers have used the trade names, trademarks and domains of legitimate companies and organisations to masquerade as an entity that the public trusts. Scams like these have used legitimate names or marks as the display name in the 'from' field, but a closer look reveals that the display name is a cover up. A recent scam sent emails that claimed to be from the Gates Foundation, but the email address next to that display name had a typo in its domain ('gatesfonudation.org'). Obviously, the unauthorised use of an organisation's trademarks in this manner can damage an entity's reputation and trademarks.

Combating scams

In this environment, with fraudsters seeking to exploit widespread fear and panic, companies and organisations must remain vigilant in policing and protecting their trademarks to prevent unauthorised use. Brand owners can take several steps to protect their marks and mitigate damage in the event of a scam. For instance, the Department of Justice is encouraging reports of fraudulent activity involving COVID-19 to the National Centre for Disaster Fraud, the FBI and the Internet Crime Complaint Centre. Brand owners can also pursue cancellations or transfers of improperly registered domain names through the Uniform Domain Name Dispute Resolution Policy, a relatively inexpensive and swift process. More traditional trademark lawsuits with requests for expedited relief are also available. Brand owners should also consider corrective messaging, warning consumers of the scam and making it clear that they are not the source.

Brand owners should also bolster efforts to protect their trademarks through robust registration practices, which will help to facilitate and expedite relief in the event of a scam. Those enhanced practices may include registering domain name variations that scammers might use for phishing and registering important marks in strategic geographic areas, both in and outside the United States. These actions may prove particularly important for organisations working on the front line in the fight to flatten the COVID-19 curve, as demonstrated by the examples above.