While COVID-19 or the novel coronavirus is attracting global attention, cyber criminals are taking advantage of this general interest in more information about the pandemic. There have been reports of phishing scams attempting to steal personal information or infect devices with malware, as well as misinformation advertisements or fraudulent product advertisements.
How does phishing work? Cyber criminals send emails with information about the coronavirus, posing as representatives of reputable companies.
These emails ask you to open an attachment that supposedly contains the latest statistics. Clicking the attachment or embedded link will download malicious software to your device.
This malicious software – in English „malicious software” or „malware” for short – can enable the cybercriminals to take control of your computer, record your keystrokes or retrieve sensitive company and financial data.
The coronavirus and the respiratory disease it carries, COVID-19, has consequences for the lives of people all over the world. It’s impossible to predict its long-term effects. However, it is entirely possible to take steps to protect yourself against attempts at fraud related to the coronavirus.
Here is some helpful information.
How do I recognize a coronavirus phishing email? Examples
Coronavirus-related phishing emails can take different forms – here are a few examples:
WHO Alerts: Cyber criminals are notorious for sending out phishing emails that appear to be from the World Health Organization (WHO). For example, such an email could contain a link that supposedly leads to a list of coronavirus cases in your area. The text of the phishing email could read: „It is highly recommended that you look at the above cases for security reasons.”
Health Advice Emails:Cases of phishing e-mails with alleged medical advice on protection against the coronavirus are also known. The senders sometimes pose as medical professionals from Wuhan, China, where the coronavirus pandemic originated. „This quick measure can save you,” says a phishing email, for example. „Follow the link below to download protections.” Refrain from opening such emails or contacting the sender.
Workplace Policy Emails:The company email accounts of employees can also get caught in the crosshairs of cyber criminals. A phishing email could begin as follows: „To all employees: Because of the coronavirus pandemic, [company name] is taking active security measures as part of a policy on dealing with infectious diseases.” If you click on the fake company policy, malware will be downloaded.
How do I avoid scammers and fake ads?
Some scammers have placed ads luring users with the promise of treatment or a cure for the coronavirus. Statements like „buy now; stock limited” are often used to try to convey a sense of urgency.
If you go into it, it can have at least two harmful consequences.
First, if you click on the ad, you could be downloading malware onto your device. Second, you could end up with an ineffective product or go completely empty-handed if you let yourself buy it. And you may have revealed your name, address and credit card number.
The bottom line? It is advisable to avoid any advertisements that seek to capitalize on the coronavirus.
Tips for detecting and preventing phishing emails
Below are some methods to look through and block phishing emails related to the coronavirus.
As with other phishing scams, the aim of these emails is to trick you into clicking a link or revealing personal information that can be used in scams against you. Here are some tips on how to defend yourself against this trick.
Be careful when you are asked to provide personal information online.If you are asked to provide personal information such as login details in an email in connection with the coronavirus, it can be assumed that it is a phishing scam. Legitimate government agencies do not request any information from you. Never send a reply with your personal information to such an email.
Check the email address or link. You can check a link by moving the mouse pointer over the URL to see the destination address. Sometimes it is obvious that the web address is a fake. Be aware, however, that phishers can forge links that are very similar to real addresses. Immediately delete the email.
Watch out for spelling and grammatical errors.Spelling, punctuation, and grammatical errors in the body of the email are red flags that could indicate a phishing attempt. The same applies here: Delete the message.
Look out for generic greetings. As a rule, you will not be addressed by name in phishing e-mails. With greetings like „Dear Sir / Madam”, you should question the legitimacy of the email.
Ignore emails that are pressuring you to act. Phishing emails often try to create a sense of urgency or to put pressure on the recipient to act. The goal is to get you to click a link and reveal personal information – without stopping. Instead, you should delete the message.
Where can I find factual information about the coronavirus?
Coronavirus information should be obtained directly from reliable sources. This includes government institutions and health authorities.
Here you will find answers to your questions about the coronavirus.
The World Health Organization website has a wealth of information including instructions on how to protect yourself, travel advice and answers to frequently asked questions, as well as the most up-to-date information on the coronavirus, including:
How the coronavirus spreads
Prevention and treatment
Worldwide areas of COVID-19 Infection
information for communities, schools and businesses