Coronavirus Scammers: Help your users spot Covid-19 phishing emails

As the Coronavirus pandemic evolves, scammers are now using the fear of the public to capitalise on the panic as a method of stealing money and data.

The Wall Street journal found that scammers are using doctored emails, imitating the 'World Health Organisation'. These sophisticated phishing scams are capitalising on people’s fears, a powerful behavioural driver.

The shamelessness on capitalising on a pandemic is clear, but it demonstrates the ingenuity and constantly developing methods of these scammers. It is important to remain calm and vigilant in all matters at these times, and that includes protecting your personal information.

World Health Organisation Advice

Many companies still rely on email to share policies, so with the growing confusion around the next steps to take, scammers can slip through the cracks. Health advice emails, advising people to sign up to doctor and fake links to “safety tips”.

Some emails are even claiming to have found a cure for the virus! As of yet, (12th March 2020) there is no vaccine so these emails should be deleted immediately.

To verify that an email is legitimate contact the World Health Organisation directly, and flag the phishing email as fraud if it is so to help others avoid making the mistake of giving these scammers their details.

Any Coronavirus themed email that seeks personal information is a phishing scam, According to The advice for all phishing emails remains the same, never respond to an unsolicited email with your personal data.

The World Health Organisation has recommended to check the original email address to make sure it is a legitimate email, be careful to look closely- scammers will create emails as close to the WHO email as possible, so note any small inconsistencies.[1]

The World Health Organisation has published the following checklist to make sure that you should refer to when assessing whether you have received a phishing email. They have provided the following advice:

who checklist to avoid being phished

Source: World Health Organisation

Types of phishing scams to look out for

Some scammers are even pretending to be charitable causes, asking for donations to help research the virus![2] As with other advice, do not donate unless you can confirm the ID and the charity. You can do this by looking up the official website and emailing them directly. An example of a phishing email looks like the below: 

phishing email fake coronavirus email world health organisation

Source: NBC News

Emails such as the one above may, at first, look legitimate. But notice the misspelling of ‘safety’, lack of personalisation and poor grammar. However, other scammers may be more cunning, so it is important to stay aware, calm and follow all of the tips above!

Help your business maintain secure operation during the Covid-19 outbreak

As a result of the Coronavirus-related phishing attacks, our customer response materials - incl. training courses, policies and more - are now free available.

View Covid-19 Resources