Phish of the Month – Coronavirus Scams

Coronavirus scams

At least 3.4 billion phishing emails are sent worldwide each day and unfortunately, this includes the utilisation of international tragedies.

Cyber criminals are cashing in on the global coronavirus epidemic by sending misleading phishing emails to exploit unsuspecting readers. The coronavirus (COVID-19) outbreak, is now affecting 43 countries around the world and has over 81,280 confirmed cases.

Amidst all the panic and fear surrounding the world at this time, a range of phishing emails are circulating the web claiming to be offering critical health advice. Such attackers are posing as well known and trusted authorities like the World Health Organisation, prompting readers to download what looks like a pdf document about “Safety Measures”. Of course, the pdf is a malicious document that will infect your device with malware.

Credit: Wired

Another scam that has been identified by the security firm Trustwave Holdings is spreading fictitious information claiming the area that the victim lives in has had confirmed cases of coronavirus. The phishing email then directs the readers to click on a link which will then prompt them to enter their login credentials.

Credit: Trustwave

Many types of coronavirus scams are surfacing and it’s important to know how to recognise a phishing email.

When it comes to spotting phishing emails, the easiest things to check for are inaccuracies, imprecisions and unprofessionalism.

Look out for the following:

  •  Blurred logos and images
  • An indiscriminate greeting, such as “Dear friend”, “To our valued customer”, “Hello there”, and other such greetings that avoid using your real name
  • Poor punctuation and spelling
  • Unprofessional formatting, such as “!!!” and UNNECCESSARY CAPITALISATION
  • An email claiming to be from ‘The Bank’, wherein the address it is sent from is more akin to [email protected], than [email protected]
  • The use of terms like “urgent”, “pertinent”, “pressing”, “legal action”, “authorities”, “overdue”, “compromised account” and other such buzzwords, with the intention of ringing alarm bells and increasing the chance of irrational activity
  • Upcoming – or even surpassed – deadlines (usually termed in hours, rather than days or weeks), also with the hope of creating panic and irrational activity
Scroll to Top