Novel Coronavirus has been spreading rapidly throughout the world and it becomes a hot topic today across the news channel all over the world. The world population today has been under great fear today and hackers are looking to exploit that fear using phishing attacks. Also Read: How hackers spread malware with fake coronavirus info app?
So how the hackers currently do these coronavirus phishing attacks? Cyber criminals or hackers send e-mails containing alerting information about the coronavirus and they send e-mails by pretending themselves as legitimate organizations such as from WHO or something else. The email encourages you to download an attachment to see the current statistics about coronavirus. As soon as you click on the attachment or embedded link, the malicious virus or Trojan come to your device.
The malicious script, Trojan, virus or keyloggers could allow the hackers to exploit the data available on your device or computer. Hackers can view your keystrokes, access your personal information or confidential data and further can theft your data as well.
The novel coronavirus is the dangerous respiratory disease that has taken the lives of so many people around the world and millions of people are still affected from it. The disease is still spreading very fast and the fear among the people is rising. The hackers are taking it as opportunity by exploiting the fear among the people. Here, we at DICC want to make the people aware about as how to protect yourself against so-called coronavirus-phishing email scams.
Coronavirus Phishing emails can come to your inbox in different forms. Below are the few examples of coronavirus phishing emails:
CDC Alerts: Hackers sending emails that looks like as they are from USA authorized health centers to control this contagious disease of coronavirus. The phishing email contains the list of coronavirus cases as happen in your locality or area and you are encourage to go through a link to click to read out the safety measures to combat this disease.
So, how these coronavirus phishing emails look like. See below images to find how the emails will look like. All of the samples of those emails come from the U.S. Health and Human Services website.
Healthcare Instructions emails: Attackers or cyber criminals also send coronavirus phishing emails wherein they provided expert healthcare advices to help the people to protect themselves from coronavirus. This email claimed to be from the expert doctors of Wuhan, China where this contagious disease began. “This little measure can save you,” one phishing email says. “Use the link below to download Safety Measures.”
Here’s what a fake health-advice coronavirus phishing email looks like.
Workplace policy emails. Cyber attackers are also targeting employees’ workplace email accounts. One phishing workplace email starts as, “All, Due to the coronavirus outbreak, [company name] is actively taking safety precautions by instituting a Communicable Disease Management Policy.” The e-mail also encourages you to click on the link on the fake company policy and you will download the malicious software with that link.
Here’s an example.
You might also get caught by the coronavirus ads that have posted on different platforms on internet which claims you to offer authorized treatment for coronavirus and asks you to buy their fake products. There might two harmful things can happen to you by clicking on these sorts of fake ads:
1ST: You might click on this ad and also download the malware on your device.
2nd: You might buy that product or service which is completely useless.
Therefore, you should always be cautious and avoid those sorts of advertisements over internet.
How to identify the coronavirus phishing emails?
So, how you will be able to identify and avoid the coronavirus phishing emails:
#1. Do not give away your personal information from any online request: An e-mail that ask you to give your personal information such as your social security number or other logging in information of your social accounts can be phishing scam. Authorized Govt. organizations didn’t ask for such information, so you should always avoid such emails that ask for your personal information.
#2. Carefully observe the links in the e-mail before clicking: You should always be cautious before clicking on any link in the email. Before clicking the link, you should hover your mouse over the link and see where it lands. By analyzing the link, you can easily identify whether it is landing towards some legitimate website or it is a malicious link. If you feel bit of doubt, instantly delete the email.
#3. Carefully check the spelling and grammatical mistakes: If an email contains grammatical mistakes, spelling mistakes or some sort of punctuation errors, it might be suspicious that it is a phishing email. Immediately delete that kind of email.
#4. Avoid E-mails that asks you act instantly: Phishing e-mails many a times will create a sense of urgency and encourage users to take an immediate action. The basic goal behind it is to trap the user if he/she is in fear of something. So, don’t show urgency before clicking to any link in the e-mail.