Published June 8, 2020
If you received an official-looking email from your school or a government agency about coronavirus, would you click it? Cybercriminals are using the latest public health scare to spread scams, viruses and misinformation.
As always, exercise caution when browsing online, downloading apps or reading email.
Organizations like the Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO) have been warning the public that cybercriminals are using their names and images for phishing attacks.
The WHO cautions on their website, “If you are contacted by a person or organization that appears to be from WHO, verify their authenticity before responding.”
The U.S. Department of Justice is also reporting that harmful apps and websites are popping up to steal your information and spread viruses, under the guise of offering information about coronavirus.
When looking for information about coronavirus online, visit official websites for trusted sources (such as the CDC or WHO) directly.
Phishing emails will likely include alerts and warnings about the coronavirus outbreak, along with a link. Once clicked, the link will take you to a malicious website trying to steal your personal information.
The email address may look legitimate at first glance. For example:
UB students regularly receive phishing emails in the form of fake job offers. These emails sometimes even appear to be coming from people at UB, like advisors, professors and deans.
Now many of these fake job emails are being branded as COVID-19 relief. One variation of the email touts a "student empowerment program" that is offering online jobs to students... all you have to do is reply and send them your personal email address.
Take a minute to review the signs of a fake job email. Although these scams may incorporate the latest events from the news, there are usually still signs that a job offer is too good to be true.
According to the U.S. Department of Justice, malicious websites that claim to host information about coronavirus actually contain trojan viruses that steal information, including sensitive data, from your computer.
Specifically, the website corona-virus-map[dot]com was cited as containing the AZORult Trojan.
The U.S. DOJ also reports that at least one Android app posing as a "coronavirus tracking app" (downloaded from coronavirusapp[dot]site) is actually ransomware that will infect your phone or tablet, locking it until payment is received.
Exercise caution when looking for coronavirus information on apps and websites not provided by reputable government, healthcare or educational sources.
Be skeptical of any email asking you to click on a link or open an attachment. Before clicking or opening anything in an email:
As the coronavirus sitatuation evolves, scammers continue finding new ways to exploit the crisis for personal gain.
By being careful about how you engage with apps, websites and email, you can avoid becoming a victim during this difficult time.