Have you recently received an email or text urging you to make an unexpected payment or buy something now!? Was it linked to the current pandemic? If so, you are probably getting phished.
Uptick in Phishing Emails during the Pandemic
Since the start of the COVID-19 pandemic phishing and smishing (sms-phishing) has become even more notorious and prominent. We’re all afraid of the disease and the consequences it may have on our lives and this fear is exactly what cybercriminals need – it makes us do things we wouldn’t do normally and act quickly.
To fully exploit the current situation, scammers send emails or texts claiming to be from legitimate organizations such as U.S. Centers for Disease Control, the World Health Organization or NGOs dealing with the pandemic. The messages claim to contain information on infected people in your area. They may ask you to click on a link which allegedly takes you to a website where you can make a donation to help fight the pandemic. Or they can try to convince you to buy a product that can strengthen your immune system and help you stay healthy. There are a couple things these messages have in common: they seem very urgent and are leveraging your fear around the current pandemic to make you do something.
When you fall victim to these sneaky tricks , you either download a malicious file giving cybercriminals easy access to your device or you provide your personal details to an unknown entity. The result is the same – you get phished and unintentionally provide someone sensitive info about yourself!
Don’t let yourself get caught in a trap!
Phishing is bad enough without the coronavirus. But when it plays with emotions regarding our health, it’s even worse. And by worse, I mean more effective at getting you to click! Fortunately, you can protect yourself against it by following rules which we list for you below.
- Don’t open emails from a person or organization you don’t know.
- Don't share your personal information, such as your name, address, Social Security number or credit card details via email.
- Check the email address against the organization it is claiming to be coming from. Also, check the link provided before you click – it’ll most likely look suspicious.
- Watch out for unusual wording, spelling and grammar mistakes. If the email contains those, it’s likely to be a phishing attempt.
- Watch out for generic greetings, such as “Dear User” or “Dear Sir or Madam”. Your suppliers or agencies would use your full name instead.
- Watch out for emails which urge you to act now. Cybercriminals don’t want you to look at their messages for too long or to think about what they want you to do. They play on your first reactions.
- If you want to visit a website of the organization that you think just emailed you, type the domain name directly in the browser.
- If you want to donate money to an NGO, go directly to their website and do it there.
- Install antivirus software on all your devices and keep them updated.
- Get trained in online safety or have a refresher. The more you hear about cybersecurity the more alert you become which makes you less susceptible to cyber attacks!
Have you got phished? Here’s what to do!
If you receive a suspicious email or text, report it to your IT department, delete it and notify the organization it claims to be coming from. This way you will spread the news about the scam and prevent other people from getting phished!
If you have already clicked on a link or opened an attachment containing malicious software, run a scan of your device for malicious software. If by accident you entered your login credentials, change them immediately. If you provided your credit card number or bank details, get in touch with your bank straight away.
Remember that all info regarding the pandemic and the virus can be found on legitimate websites. Go there if you need to know more! Here are some examples of COVID-themed phishing that could target you, your company or your family...