If you received an official-looking email from a government agency about coronavirus, would you click it? Be aware and on the lookout for email scams regarding COVID-19. Cyber criminals are using the latest public health scare to spread scams, viruses and misinformation.
Be on the lookout for:
- Malicious emails– Phishing emails will likely include alerts and warnings about the coronavirus outbreak, along with a link. Once clicked, the link will take you to a malicious website trying to steal your personal information. Looking at the link before you click will often help to identify a malicious site.
- Harmful websites– According to the U.S. Department of Justice (DOJ), malicious websites that claim to host information about coronavirus actually contains a virus that steal information, including sensitive data, from your computer. When looking for information about coronavirus online, visit official websites for trusted sources (such as the CDC or World Health Organization) directly.
- Malicious apps– The U.S. DOJ also reports that at least one Android app posing as a “coronavirus tracking app” is actually ransomware that will infect your phone or tablet, locking it until payment is received.
Example of a malicious link phishing email:
A phishing email claims to be from the Centers for Disease Control and Prevention (CDC). This real organization in the United States which provides information regarding the coronavirus uses the domain cdc.gov. The phish uses a similar domain, cdc-gov.org, which requires a close look to realize it is a spoof.
Tips to protect myself:
- Exercise caution when looking for coronavirus information on apps and websites not provided by reputable government, healthcare or educational sources. Try only to visit verified official websites for the most up to date information.
- Be skeptical of any email asking you to click on a link or open an attachment. Before clicking or opening anything in an email: Look out for spelling/grammatical errors and be sure to check the URL before clicking a link. If you do click a link and it asks for personal information or your password, do not enter it.
- Never use your smartphone to open email messages that are unexpected or seem odd. While smartphones offer email convenience, their small screens omit certain information about the messages we receive such as the sender’s full email address and the ability to hover over links to identify the URL.
- Stay vigilant! By being careful about how you engage with apps, websites and email, you can avoid becoming a victim during this difficult time.
Check out our Working From Home Security Tips article for more information.