Malicious fraudsters playing on people’s fear is not a new thing. The world has seen a surge in COVID-19 themed social media posts and email campaigns pop up since Feb 2020. Here are incidences of phishing attacks and malware you should lookout –
Selling Coronavirus Home Testing Services
No government entity or private companies are selling home testing services (free or otherwise) for COVID-19 as of now. Fraudsters impersonate well-known NGOs and other humanitarian organizations offering free COVID-19 home tests, gaining personal information- they charge their victims for fake tests or rob their victim’s homes upon gaining entry.
Bogus WHO impersonators sending phishing emails containing information-stealing virus
If the emails sound too good to be true, like for e.g. ‘COVID-19 prevention and treatment information from Department of Health- how to get vaccine free’ or demands urgency like -‘COVID-19 ventilators delivery blocked. Urgent action required to continue shipping’- it’s probably phishing emails. The latter is specifically targeted towards healthcare officials. Such emails contain documents attached which contain information stealing virus. Running such software attachments loads viruses like the Hawkeye- a keylogger that can steal credentials, intercept keystrokes, take screenshots of sensitive information and exfiltrate stolen data.
Scams involving reservation of vaccines or offering funds for economic relief
There are hoax calls and emails from health department impersonators providing coronavirus vaccine reservations and asking for credit card information. Currently, there is no vaccine for COVID-19 and no such offer is provided by any entity.
There also have been incidences of emails asking for bank account information and other personal data as an initiative by the government to provide economic relief for the pandemic. The government has approved no such legislation.
Extortion emails threating coronavirus infection
Phishing scammers are claiming to know their victim’s every detail and threating coronavirus infection on them and their families. There fraudsters pickup passwords from recent data-breach incidences and use that data to ask for bitcoin.
What measures can you take to stay safe from COVID-19 scammers?
First- Check the sender’s email address- are they what they are claiming to be? Check if their contact name actually matches with the email address they are contacting you.
Second- Do not click or tap (if you are on a laptop) – If there is a link, hover your mouse cursor over the link and inspect the domain address.
Third- Do not download files from unknown sender – Do not open attachments from external email addresses or phone numbers
Fourth- Try checking with the sender before opening their email. If the email seems suspicious (like if the sender- a friend or an employer- has no reason to send such email), then try asking the person if they sent you this specific email or if there is someone who is falsely claiming to be them. Double-check, always!