5 March 2020

Coronavirus Phishing Scams

4 mins read

Table of Contents

Share post

Coronavirus phishing attacks are widespread and are making mainstream news globally. Unfortunately, not everyone is watching this news update. As the Coronavirus (COVID-19) outbreak continues to spread, cybercriminals have become more ingenious with their phishing attacks, adding a financial and malicious impact to this devastation.

The moral impact of the Coronavirus, of course, has no impact on cyber criminals. The public is seeking any updates and hopefully hearing of either positive resolution to the outbreak or new ways to prevent the infection.  Human nature is to look for these answers.

We have collected several Coronavirus malicious phishing examples to aid end-users in detecting the types of phishing threats that cybercriminals are using to meet their aims.

Of course, as well as publishing these threats to your end-users, we would highly recommend, if not already in place, that your organisation embark on an education and continuing monthly testing of end-programme.

The latest in preventative measures

The following two World Health Organisation (WHO) malicious phishing attempts impersonates a Coronavirus specialist from WHO to trick victims.

The e-mail urges the victim to download a malicious file disguised as a safety document.

The phishing attempt gives the recipient the option to click a “Safety Measures” button. 

The same attack, following, was spotted without the WHO branding, but instead targeted to the victim’s region. The lack of branding is an attempt to negotiate your e-mail security junk or scoring systems.

This attack uses a link to a “Safety Measure.pdf” which again is to attempt a malicious attack or credentials gathering exercise.

If the victim clicks either the button or link, they are redirected to a spoofed WHO site and prompted to provide their e-mail address and password.

Another example of a recent malicious e-mail, below, again plays on survival instincts.  A striking image and a legitimate-looking e-mail address help towards an official or important looking update on the Coronavirus.

New cases in your area

This attack preys on the fears of Coronavirus spreading near the victims’ location. Disguised as a CDC alert, this phishing e-mail tricks victims into clicking a malicious link by offering an updated list of new cases of the virus documented near them.

An internal organisation official alert e-mail

This phishing attack takes an internal communications approach by impersonating an organisation’s President to deliver an announcement at an attachment disguised as tips to prevent infection. The attachment is designed to infect an employee’s device with malware.

The Donation Scam

In these times, requesting donations from kind-hearted people is, sadly, easy prey to cybercriminals. Proven to work from legitimate donation e mail communications, scams such as these are used after natural disasters, human misery and charity organisations. The following phishing attack solicits donations to fight the spread of the Coronavirus. The attack imitates a CDC emergency outreach e-mail and asks victims to deposit money into a Bitcoin account. Where Bitcoin donations should always be treated suspiciously, they are becoming more prevalent.

Malicious Coronavirus domain registrations

Along with the phishing tactics above, one of the largest concerns facing cybersecurity researchers is the massive increase in Coronavirus-themed domain registrations. Many cybersecurity experts suspect that these Coronavirus-related domain names will be used for phishing attempts like those we are highlighting.

Facts from the specialists

In the following Coronavirus phishing attempt, the cybercriminal impersonates a doctor from The Central Hospital of Wuhan to highlight the recipient’s fears, provide an authoritative voice to the e-mail and convince the victim to download or open a malicious file attachment.

Fake product scam

Beyond the Coronavirus phishing threats listed above, the National Cyber Security Centre (NCSC) is warning consumers of investment or purchasing scams related to products claiming to prevent, detect or cure Coronavirus. Future phishing attacks may leverage the same, or variations of these, tactics.

Prepare your employees for coronavirus phishing attacks

Coronavirus phishing attacks currently show no signs of slowing down. The cyber industry has already seen a wide range of tactics cybercriminals are using to scam victims, infect their devices and steal information.

By providing your employees with our simulated phishing training, you will not only help them detect these phishing attacks at work to keep your organisation secure but also help them develop more secure habits to stay secure at home.

We provide incredible cybersecurity E-Learning combined with a truly bespoke and targeted service for every individual customer to ensure effectiveness. Fully Managed and at a lower cost than managing yourself, you can get all your employees trained and kept vigilant around cyber security without adding to your already busy workloads and project list.

Woman typing on laptop in a dark room with light overhead

12 February 2024

Penetration Testing vs Vulnerability Scanning: Why your organisation might need them

Man with glasses typing on laptop with light shining down

5 February 2024

Best Practice for Business Passwords 2024

Man and woman sitting opposite one another typing on laptops

18 December 2023

UK Small Businesses Need to Invest in Cyber Security