Coronavirus Phishing Scams: How to Protect Your Information

COVID-19 has already impacted many individuals’ lives. From the cancellation of various events to working from home, everyone is taking precautions to keep themselves and others safe. Unfortunately, criminals are taking advantage of the interest and fear surrounding coronavirus to trick individuals and steal their information. In this blog, we’ll discuss ways that you can spot and avoid potential coronavirus scams.

How Cybercriminals Are Leveraging Coronavirus

Security experts have seen a dramatic spike in email scams linked to coronavirus. These malicious emails have been found in English, French, Italian, Japanese, and Turkish languages. 

Known COVID-19 Email Scams

There are a few types of phishing campaigns that have been tracked and documented that you should be looking out for.

  1. Cure-Related Emails: The first type of email to keep an eye out for claims to come from a doctor stating that the governments are covering up a vaccine. The email includes an attached document supposedly with more information. However, the attachment actually takes users to a malicious webpage designed to harvest login details. 
  2. COVID-19 Tax Refund Emails: In this dangerous scam, criminals are posing as government officials providing tax refunds because of coronavirus. The links in the email lead to a fake government website that encourages users to input all of their financial and tax information.
  3. Coronavirus Safety Information Emails: Criminals impersonate the World Health Organization (WHO) in this email, prompting users to click on an attachment for information on safety measures. This scam is especially convincing because the WHO is one of the leading organizations for news and updates for the coronavirus, making the email seem appropriate and trustworthy. 
  4. False Virus Update Emails: Another scam that is spoofing a legitimate source, this phishing email pretends to come from the Centers for Disease Control and Prevention (CDC). It relays false information that often spreads fear. For example, one states that coronavirus has become airborne and encourages clicks on a link designed to gather email and password information.
  5. Donation Emails: The last type of COVID-19-related phishing email in this list asks individuals to donate to help fund projects aimed at stopping and preventing the virus. The user can then click on a link and make an immediate payment.

These are not the only types of emails criminals are sending related to coronavirus. Many are impersonating reputable sources, like the CDC. Others may look as if they are coming from your own company, attaching a workplace policy surrounding the virus. Even more, a significant number of new websites related to COVID-19 are being registered, many of which are believed to be dangerous.

How to Avoid COVID-19 Phishing Scams

Because of the surge in malicious emails and websites, you must be careful to click on links or attachments in your emails. Here are a few tips to help keep you and your organization from being fooled by one of these tricks.

Check Links Before You Click

These criminals are smart, and they understand that by posing as a trustworthy source, many individuals will fall for their scams. That is why so many of these emails look as though they are coming from reputable sources like the WHO or the CDC. 

Be wary of any emails you receive from these organizations. If the email includes a link or attachment, it’s better to be safe and avoid clicking on it. Instead, go to your web browser and visit the site directly. Then, you will be getting information straight from the source, and you won’t risk any potential dangers. 

Don’t Respond to Requests for Information

If an email is asking you for personal or financial information, be extremely suspicious. Legitimate agencies won’t be asking for that type of information. So, it’s a good red flag that the email might be dangerous. You should never respond to an email with your personal data. If you’re still not sure whether it is legitimate or not, just revert to our first tip and visit a website directly. 

Watch Out For Spelling and Grammar

When phishing emails first began, it was pretty typical for them to include all kinds of spelling and grammar mistakes. However, since then, criminals have gotten smarter. They’ve learned how to create an email that looks extremely real.

However, it’s still good practice to watch out for incorrect spelling or grammar. It can be a tip-off that something isn’t quite right

Be Suspicious

In the end, the best practice to avoid phishing emails is just to be overly cautious. Again, malicious actors have found ways to make a phishing email almost impossible to tell apart from a real email. Try to avoid links unless you are 100% certain of the sender. Even then, it might just be best to create a habit of visiting sites directly.  

The uptick in COVID-19 scams likely will continue to grow as criminals profit off of this worldwide event. Be wary of emails related to coronavirus to keep your information out of the wrong hands. 

Related Insights