Scammers are Exploiting Coronavirus Fears to Phish Users

March 9, 2020

Be aware of COVID-19 links or text messages that come to you unsolicited

Several Government (CDC, FTC, FBI, etc.) and World (WHO) organizations are reporting an increase in attackers posing as legitimate agencies trying to trick people into sharing their account access credentials or opening malicious email attachments.
Attackers have also been sending emails that feed on concerns about COVID-19 to spread malware. More than 4,000 coronavirus-related domains have been registered since the beginning of the year. Of those new domains over three percent are considered malicious and another five percent are suspicious. 

Click on the heading of each article below for more information or a close-up of the scam.

COVID Text scam

COVID Text Message Scams

If you receive a text message like the one pictured here, DO NOT click the link! It is not a message from any official agency. It is however a gateway for bad actors to find their way into your world.

COVID-19 Scam

Fake Stimulus Check Emails

The FBI's Internet Crime Complaint Center (IC3) is warning users of a new ongoing phishing attack that uses fake government economic stimulus checks as bait to steal personal information from potential victims. Criminal actors are using a variety of means to contact potential victims. In one instance, the criminal actors are using spoofed email addresses posing as U.S. Treasury officials requesting that the victim provide personal identifying information (PII), so that they can receive their share of the stimulus. A redacted example of an attack email is below: Be aware of phishing emails asking you to verify your personal information to receive an economic stimulus check from the government. Government agencies are not sending unsolicited emails seeking your private information in order to send you money.

WHO and CDC fake emails

Fake Government Agency Emails

Bad actors are impersonating the World Health Organization (WHO) and the Center for Disease Control (CDC) emails and using them to send malicious content. Do not be fooled. Visit their respective pages directly: https://www.who.int/emergencies/diseases/novel-coronavirus-2019 and https://www.cdc.gov/coronavirus/2019-ncov/index.html

Map of COVID-19 spread

Fake Coronavirus Maps

Attackers are using the pandemic to send out maps of infected areas. These carry malware and infect your device when interacted with. See the above links to WHO and CDC for locations to find this type of information from reputable sources.

Special Offer image

Additional Scams

We advise caution when receiving unsolicited offers for free software. "Vendors (of a variety of reputations) are spamming distributed IT with “free offers”. We are seeing an increase in emails with all manner of free offers. In most cases, accepting them without any enterprise agreement, DUA, and other contractual instruments that we use to protect privacy, mitigate risk, ensure regulatory compliance (HIPAA, FERPA), and maintain ownership of University data and intellectual property is a liability. There are a lot of vendors right now using the crisis as an opportunity to up-sell universities from free to paid offerings and/or to get our data and monetize it. Don’t take the bait." - via Micronet listserv

For more information on these types of attacks: