16th March, 2020
Ai Editorial: Cybercriminals are trying to capitalize on the outbreak of Coronavirus Disease 2019 (COVID-19) by sending a high volume of this disease-related phishing emails, writes Ai’s Ritesh Gupta
Are you about to open a Corona virus-related malicious file? Or have you already inadvertently opened one?
We all need to be aware of phishing emails that are being sent by scammers, fraudsters and hackers. These emails feature files in various formats that are being disguised as documents relating to the newly discovered Coronavirus. Fraudsters are counting on public fear as they design malicious email campaigns, hoping the same would lure users into clicking on a link or open an attachment. So avoid clicking on links in unsolicited emails.
Typically emails, featuring information about COVID-19, are being sent from seemingly legitimate organizations. For instance, a malicious email falsely claiming to be from the U.S. Centers for Disease Control and Prevention is in news. Such emails generally ask the user to open an attachment to see the latest statistics or are even offering online offers for vaccinations. Or scammers are coming up with recommendations or medical advice to protect one against the coronavirus. If a user clicks on the attachment or embedded link, they end up downloading malicious software onto a device. The malicious software paves way for illegitimate access to, or damage, computers, and possibly lead to identity theft as well.
Cybercriminals have also targeted employees’ workplace email accounts. Plus, according to Norton, scammers have posted ads that claim to offer treatment or cures for the coronavirus. The ads often try to create a sense of urgency — for instance, “Buy now, limited supply.”
Verify before taking action
We have to be suspicious of an email that creates a sense of urgency or an action on an immediate basis. Take your time, check who has sent the email – look at the email id, for instance. Do not open attachments without first making sure the request is authentic.
It is becoming increasingly difficult to identify malicious emails. Acknowledging the threat, The World Health Organization (WHO) has admitted that fraudsters are posing as representatives of the organization to steal money or sensitive information. WHO has asserted that if one is being contacted by a person or organization that appears to be from WHO, then one must confirm their genuineness before responding. There are appeals for funding or donations that aren’t related to WHO.
WHO will:
How to prevent phishing - a user would need to take extra steps, but these aren’t really tough things to do. They might take more time than usual to access information but then it is worth it if one can avoid being a victim to such phishing email scams: