Coronavirus. Where there’s a crisis, there’s an opportunity.
From a cyber attacker’s perspective, this is a prime opportunity. People are worried and businesses are planning. People’s attention is elsewhere and guards are down.
So, it comes as no surprise that the number of phishing emails has spiked.
Fraudulent emails are landing in inboxes which seem to be from The World Health Organisation. They’re being sent with PDF attachments that are said to include Coronavirus safety measures, links to educational material and so on.
Fraudulent emails are designed to look authentic. By casting the net wide, some inevitably defeat the spam filter and end up in inboxes with emails from seemingly trusted sources.
What do you need to look out for?
Fraudulent email and web addresses
Phishing emails often come from an address that appears to be legitimate, but with a closer look, discrepancies can be spotted. Fraudsters can put any name they like in the ‘from’ field. The emails may contain the names of organisations to which we trust and associate with providing us with useful information, e.g Coronavirus. Brand logos and trademarks are not assurances that the email is ok, because hackers simply download these from the internet to deceive.
Even anti-virus badges can be inserted into emails to persuade the victim into thinking an email is from a legitimate source.
Phishing emails can sometimes contain poor language in the body of the message. Grammatical errors and conflictive sentence structure are common in these fraudulent emails, but while poor grammar is a giveaway, not every email of this type will feature errors, so it’s always important to stay alert.
Many phishing emails are successful because they create scenarios or are sent on the back of topical issues such as Coronavirus. They prey on the times when we’re concerned about something and know that fear makes us vulnerable.
Attachments and links
If you receive an email with an attachment from an organisation that you place trust in, take a closer look at the actual email. You might not normally receive emails from them, but given what’s in the news and on everyone’s minds, it may not seem out of the ordinary, so have a closer inspection.
Don’t open it. Attachments spread malware.
Many phishing emails contain suspicious links. Don’t click on it.
Check the URL. Once you click on the link, it’ll either ask for further information or start to infect your systems.
Points to consider
- Never reveal your passwords
- Always use different passwords for different accounts
- Set up multi factor authentication
- If you do expose personal credentials, change passwords immediately
Need additional support? We’re here to help.