If you check your inbox, you’ll likely find emails about Coronavirus from nearly every company that has your email address. We are living through a season where people are desperately searching for information, and unfortunately, cybercriminals are doing all they can to take advantage of this.
There has been a large circulation of phishing emails claiming to be from reputable sources such as the World Health Organization (WHO) or Centers for Disease Control (CDC). Often times, these emails use attention grabbing hooks like “Vaccine Now Available” or “New Confirmed Cases in Your Area”. Cybercriminals have also taken into consideration the organizations facing potential quarantine situations, making this a perfect time to fake an email from Human Resources. So, while there are plenty of reputable organizations that could be sending legitimate updates, here are a few ways to separate fact from fiction:
1. Ask yourself if the sender would have access to your email address for any reason. If you haven’t signed up for communication from the CDC or World Health Organization, you shouldn’t be receiving email from them.
2. Before clicking on a link, hover over it to see the full URL address. If you are unsure about the validity of the link, Google the organization it appears to be from and make sure the URL address lines up with that company’s actual website. Also, keep your eye out for any spelling mistakes as this is a dead giveaway.
3. Don’t open attachments from anyone you don’t expect an attachment from. Any major organization that would be sending status updates on coronavirus will NOT send attachments in their email. If the attachment comes from someone you trust, double check the sender’s email address and call them if you are unsure. It’s important to note that attachments in phishing emails may contain malware.
All of the standard phishing prevention measures apply. For more on the general topic of phishing, check out our WebTip on how to spot phishing in 2020.
For more on cybercrime surrounding the coronavirus outbreak, here is a helpful article from the World Health Organization: https://www.who.int/about/communications/cyber-security
With this message, we don’t want to add to the noise or the fear. This is just a reminder to use extra caution in this time of heightened vulnerability.