Application security, Malware, Phishing

World Health Organization warns about coronavirus phishing scams

The World Health Organization (WHO) issued a warning today stating scammers are disguising themselves as WHO representatives to try and con people out of money and personal information.

The WHO said phishing emails, phone calls, fake websites, texts and even faxes are being sent under the WHO name asking for various types of login information, contain malicious email attachments and links and for donations. The organization said it would never solicit such information from individuals.

“Criminals impersonate an authority figure who uses fear and a sense of urgency to trick victims into clicking on links or attachments. Attachments often contain malware, and links lead to phishing sites that look identical to genuine sites. Basic security precautions should prevent you from falling victim to phishing. Never click on links or attachments in unsolicited emails. Cross check the domain of sender's email address and any links in the email against the official website domain found through Google,” said Paul Bischoff, privacy advocate with Comparitech.

It is very common for cybercriminals and scammers to use high-profile events, natural disasters or topics in the news to try and convince an unwitting individual to do their bidding. Similar incidents have surrounded the World Cup, Olympics and damaging storms so using a deadly viral outbreak is not surprising.

“Hackers love to exploit fear and uncertainty, and crises are a big opportunity for them. I suspect that the WHO is off the radar for most people, but hackers will probably exploit the prevailing global supply chain issues and health management uncertainty to launch ransomware and other attacks. Spoof emails purporting to be from constrained suppliers or health insurance can cause a lot of financial damage to victims,” said Colin Bastable, CEO of Lucy Security.

The coronavirus has so far killed 1,400 people and infected 50,000 worldwide, according to the U.S. Center for Disease Control and the threat of illness spurred IBM Security to pull out of next weeks RSA Conference in San Francisco.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.