Coronavirus Phishing Attacks: How to Identify and Protect Against Covid-19 Scams

There is an overwhelming amount of information and news coverage surrounding COVID-19.  It is virtually impossible to make it through a day without hearing new facts, figures, statistics, predictions, concerns or opinions.  This has created an opportunity for threat actors to exploit public fears about the virus by using phishing attacks.   

What exactly are they doing?

Cybercriminals are sending email messages claiming to be from legitimate organizations with information about the coronavirus. These emails often ask you to open an attachment. If you click on the attachment or embedded link, you are likely to download malicious software onto your device. 

The malicious software — malware, for short — could allow cybercriminals to take control of your computer, log your keystrokes, or access your personal information and financial data, which could lead to identity theft. 

Here is some information that can help you defend against coronavirus-related scams.

Learn to spot a coronavirus phishing email

Coronavirus-themed phishing emails can take different forms. You may see: 

CDC alerts

Cybercriminals are sending phishing emails designed to look like they come from the U.S. Centers for Disease Control. The email will likely prompt you to follow a link containing false information such as a list of coronavirus cases in your area. “You are immediately advised to go through the cases above for safety hazard,” the text of one phishing email reads when referring to a dangerous link.

Here’s an example of a fake CDC email. (All examples below come from the U.S. Health and Human Services website.) 

Health advice emails

Phishers are sending emails that offer purported medical advice to help protect you against the coronavirus. The emails might claim to be from medical experts near Wuhan, China, where the coronavirus outbreak began. Again, there may be prompts to follow a link. “This little measure can save you,” one phishing email says. “Use the link below to download Safety Measures.”

Here’s an example of a fake health-advice email: 

Workplace policy emails

Cybercriminals are targeting employees’ workplace email accounts. They disguise malicious emails as routine company emails. These phishing attacks often use policies or guidelines to get the reader to click on a link. One attempt says “we require all employees to read and acknowledge the policy”. If you click on the fake policy link, you’ll download malicious software. 

Here’s an example of a fake workplace policy email:  

Tips to recognize and avoid coronavirus-themed phishing emails: 

  • Beware of online requests for personal information – A coronavirus-themed email that seeks personal information like your Social Security number or login information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data. 
  • Check the email address or link –You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. However, keep in mind phishers can create links that closely resemble legitimate addresses. Delete the email. 
  • Watch for spelling and grammatical mistakes –If an email includes spelling, punctuation, and grammar errors, it’s likely a sign you’ve received a phishing email. Delete the email. 
  • Look for generic greetings –Phishing emails are unlikely to use your name. Greetings like “Dear sir or madam” should spark concerns on the legitimacy of the email. 
  • Avoid emails that insist you act now –Phishing emails often try to create a sense of urgency or demand immediate action. The goal is to get you to click on a link and provide personal information — right now. Instead, delete the message.

Learn to avoid scammers and fake advertisements

Scammers are posting ads that claim to offer treatment or cures for the coronavirus. The ads often try to create a sense of urgency — for instance, “Buy now, limited supply.” 

Responding to these ads can cause negative consequences. The two most common are: 

  1. Malware downloading onto your device as a result of clicking on the ad 
  2. Receiving a useless product, or no product at all, after sharing your personal information such as name, address and credit card number 

Bottom line – It’s smart to avoid any ads seeking to capitalize on the coronavirus. 

Know where to find legitimate information about the coronavirus

Best practice is to go directly to reliable sources for information about the coronavirus. That includes government offices and health care agencies. 

Here are a few of the best places to find answers to your questions about the coronavirus: 

Centers for Disease Control and Prevention The CDC website includes the most current information about the coronavirus.  

World Health Organization WHO provides a range of information, including how to protect yourself, travel advice, and answers to common questions. 

National Institutes of Health NIH provides updated information and guidance about the coronavirus. They include information from other government organizations, as well. 

The more you know, the safer you will be. Contact us today for information about our CyberSAFE class which enables you to identify many of the common risks associated with using conventional end-user technology, as well as how to safely protect yourself and your organizations from security risks. Delivered in a half-day or less, CyberSAFE also prepares learners to earn their Certified CyberSAFE credential!

Scroll to Top