Coronavirus phishing emails: How to protect against COVID-19 scams
The overwhelming amount of news coverage surrounding the novel coronavirus has created a new danger — phishing attacks looking to exploit public fears about the sometimes-deadly virus.
How does it work? Cybercriminals send emails claiming to be from legitimate organizations with information about the coronavirus.
The email messages might ask you to open an attachment to see the latest statistics. If you click on the attachment or embedded link, you’re likely to download malicious software onto your device.
The malicious software — malware, for short — could allow cybercriminals to take control of your computer, log your keystrokes, or access your personal information and financial data, which could lead to identity theft.
The coronavirus — or COVID-19, the name of the respiratory disease it causes — has affected the lives of millions of people around the world. As the pandemic continues to spread and cause chaos around the world, hackers and scammers have identified multiple opportunities to take advantage of the wide-spread panic. With an increase in social engineering attacks in Australia, having strong anti-malware software and staying vigilant is more important than ever. It’s impossible to predict its long-term impact. But it is possible to take steps to help protect yourself against coronavirus-related scams.
Here’s some information that can help.
- How do I spot a coronavirus phishing email? Examples
- How do I avoid scammers and fake ads?
- Tips for recognizing and avoiding phishing emails
- Where can I find legitimate information about the coronavirus?
Emotet. One of the most recent types of malware attacks, Emotet uses the hysteria of the Coronavirus outbreak to target users not only in Australia but across the world as well. Organisations and users in countries that have recently been infected with the Coronavirus are targeted with emails pretending to provide helpful information regarding the virus – only to infect the user once they open the attachment.
In the beginning of March this year, people in Ukraine were targeted by the malware after receiving emails disguised as the Ukraine PHC (Public Health Center). While also deceiving recipients by using the WHO (World Health Organization) logo, the fake email claimed to provide important information regarding preventing infection. Readers who then opened the attached Word Document had a ‘back door’ for the Emotet virus installed onto their computer unknowingly.
CDC alerts. Cybercriminals have sent phishing emails designed to look like they’re from the U.S. Centers for Disease Control. The email might falsely claim to link to a list of coronavirus cases in your area. “You are immediately advised to go through the cases above for safety hazard,” the text of one phishing email reads.
What do the emails look like? Here’s an example of a fake CDC email. (All examples below come from the U.S. Health and Human Services website.)
Health advice emails. Phishers have sent emails that offer purported medical advice to help protect you against the coronavirus. The emails might claim to be from medical experts near Wuhan, China, where the coronavirus outbreak began. “This little measure can save you,” one phishing email says. “Use the link below to download Safety Measures.”
Here’s what a fake health-advice email looks like.
Workplace policy emails. Cybercriminals have targeted employees’ workplace email accounts. One phishing email begins, “All, Due to the coronavirus outbreak, [company name] is actively taking safety precautions by instituting a Communicable Disease Management Policy.” If you click on the fake company policy, you’ll download malicious software.
Here’s an example.
Scammers have posted ads that claim to offer treatment or cures for the coronavirus. The ads often try to create a sense of urgency — for instance, “Buy now, limited supply.”
At least two bad things could happen if you respond to the ads.
One, you might click on an ad and download malware onto your device.
Two, you might buy the product and receive something useless, or nothing at all. Meanwhile, you may have shared personal information such as your name, address, and credit card number.
Bottom line? It’s smart to avoid any ads seeking to capitalize on the coronavirus.
How important is antivirus software in Australia?
Warnings about increased Emotet ransomware attacks in Australia started back in October 2019 before the Coronavirus outbreak, when it was suspected that Emotet was behind the high-profile malware attack on Victorian hospitals and health services last year.
As new Emotet malware emails target countries that have reported recent Coronavirus outbreaks, Australia could be the next country targeted. With Emotet continuing to hold the number one place for ‘most wanted malware’ in 2020, having secure anti-virus software protecting your computer and devices has never been more important in Australia. An increase in employees working from home has further increased these risks for companies, especially if employees aren’t using work-issued devices or lack anti-malware software.
Here are some ways to recognize and avoid coronavirus-themed phishing emails.
Like other types of phishing emails, the email messages usually try to lure you into clicking on a link or providing personal information that can be used to commit fraud or identity theft. Here’s some tips to avoid getting tricked.
- Beware of online requests for personal information. A coronavirus-themed email that seeks personal information like your login details or card information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data.
- Check the email address or link. You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. But keep in mind phishers can create links that closely resemble legitimate addresses. Delete the email.
- Watch for spelling and grammatical mistakes. If an email includes spelling, punctuation, and grammar errors, it’s likely a sign you’ve received a phishing email. Delete it.
- Look for generic greetings. Phishing emails are unlikely to use your name. Greetings like “Dear sir or madam” signal an email is not legitimate.
- Avoid emails that insist you act now. Phishing emails often try to create a sense of urgency or demand immediate action. The goal is to get you to click on a link and provide personal information — right now. Instead, delete the message.
- Donations. If you’re planning on making a donation, ensure you are on the charity’s official page or website before giving away any personal details.
It’s smart to go directly to reliable sources for information about the coronavirus. That includes government offices and health care agencies.
Here are a few of the best places to find answers to your questions about the coronavirus.
Australian Government Department of Health. The Department of Health Website includes the most current information about the coronavirus. It also lists government initiatives for citizens, updates and resources.
World Health Organization. WHO provides a range of information, including how to protect yourself, travel advice, and answers to common questions.
Copyright © 2020 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.