COVID-19 Phishing Scams, and How to Avoid Them

“Never let a good crisis go to waste” is the mantra that phishers follow when taking advantage of societies in a state of panic. Criminals of all types invent new and horrific ways to exploit the fears and pains of the people suffering from the pandemic.

Here are some of the methods cybercriminals will employ to attack you, and how to keep yourself from being a cybercriminal’s next victim.

What Different Methods Do Phishers Use?

These methods can, unfortunately, work well in tandem with one another. Each phishing method below is dangerous on its own. What’s worse is that a phisher can use these tactics in tandem; the process would look remarkably similar to a legitimate marketing campaign.

They create fake ads that capitalize on the pandemic.

Phishers run ads claiming to sell miracle products that instantly kill the coronavirus in your system or prevent you from getting it at all. Both ads prey on the Fear of Missing Out (commonly known as FOMO in the marketing world) and say that “only a few are left in stock.”

People enter their sensitive information to receive this miracle product, and they receive nothing but an empty bank account.

They set up a legitimate-looking fake website using a similar domain name to a major company.

Phishers also set up sites that look legitimate, and even use a similar domain name as a legitimate company. Phishers would direct people to log in and disclose their usernames, passwords, and other pieces of sensitive information.

Phishers can also use this opportunity to upload malware onto your computer or phone if you don’t use the proper security measures.

They send emails from a domain name similar to a major company’s domain name.

They use that domain to send emails to the legitimate company’s customers, requesting payment, and giving money transfer instructions. Distracted or untrained customers that receive this email may transfer the money to an account owned by the phisher.

Even worse, these scammers can pretend to be from government agencies such as the CDC. They can link to malicious sites or download malware attachments in the form of a PDF. Either way, you would download malicious software if you click on the links provided in these emails.

How to Prevent Yourself from Becoming the Next Phishing Victim

Spot Fake Ads

Ignore any ad that promises miracle results, especially ones that pertain to the coronavirus. No matter how much sense they appear to make, or how compelling the argument may be, remember the age-old adage “if it’s too good to be true, it isn’t true.”

Learn to Recognize Fake Sites and Phishing Emails

Multiple telltale signs exist in even the most perfectly thought out phishing email Here are some of those signs:

  • They come from a suspicious web address (or one that is close to, but not quite, a legitimate web address.)
  • They ask for your personal information, like your credit card information, social security number, or login information.
  • The site or email have apparent spelling or grammar mistakes.
  • The email uses generic greetings like “Dear Sir or Madam.”
  • They demand immediate action or create a sense of urgency to give them your sensitive information.

Delete all emails from unfamiliar sources.

The easiest way to protect yourself from being the victim of a COVID-19-inspired scam is to do the same thing you should do with any other scam: delete emails from every source you don’t recognize.

The best protection against these scams is to get information from the right sources. Visit the CDC, WHO, and the NIH for updated information on the coronavirus.