June 2, 2020 —It seems like any major disaster brings on scams that take advantage of very real fears and concerns. The COVID-19 pandemic is no exception. The World Health Organization (WHO) is warning us to beware of cybercriminals that are pretending to be WHO. So we wanted to share some general tips to help you spot a potential phishing scam.
What is Phishing?
“Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.” Criminals can then exploit that information and create or access accounts in your name.
Unfortunately, scammers are creating very convincing messages, sometimes even accessing names of people or organizations you trust. So here are some tips that will help you spot a phishing message:
- Watch out for emotional pleas that emphasize fear, urgency, greed and curiosity.
- In an email message, examine following closely, and look for errors and irregularities – email signatures, sender address and general email tone.
- Beware of attachments, log-in pages and links. Think before you click!
Cofense, an organization that helps companies identify phishing scams, shared this infographic with helpful tips.
And a Word About Ransomware…
Another scam that is going around appears to target Android users. Please be wary of an app that promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, according to the threat intelligence firm DomainTools.
“To protect yourself against ransomware that capitalizes on the coronavirus, DomainTools offers the following two tips:
- Be sure to only use trusted information sources from government and research institution’s websites (World Health Organization, Centers for Disease Control and Prevention, and your local state and county health departments). Don’t click on anything in your email that’s health related. In general, be sure to follow all of the basic phishing recommendations—be aware that people are trying to capitalize on fear here.
- Ensure that you download Android applications only from the Google Play store. There is a much higher risk of downloading malware from untrusted third-party stores.”
The same good advice should apply to any smartphone user. For iPhone users, always download apps from the App Store.
Be safe and be well everyone!