2020 seems to have come in strong by hurdling the Coronavirus (COVID-1) at us pretty quickly! Now that we have more information, we can take preventative steps to keep from getting sick. However, cyber criminals are now using the Coronavirus to try and steal your sensitive information and it's just as important to take preventative measures to keep your cyber presence safe as well.
It has been reported by the World Health Organization (WHO) that they are aware of suspicious emails going out requesting personal information from people under the guise of helping to spread awareness about the Coronavirus. These emails have been identified as “Phishing” scams. Phishing is the practice of cyber criminals sending emails claiming to be from a trusted source with the intent of gaining access to your personal information such as your: usernames and passwords, credit card numbers, birthdate, or social security number.
Luckily, there are ways to prevent this from happening to you! The World Health Organization would like to remind everyone of the following:
- Make sure to verify the sender by checking their email address. If it is coming from the World Health Organization (WHO) the email address should read “firstname.lastname@example.org”. No other email addresses are used by the WHO.
- Make sure the link is correct before clicking on it. The link should only begin with ‘https://www.who.int.’If you are still unsure, do not click the link you received- open up your browser and navigate the WHO website to check if it is valid.
- Be cautious when providing sensitive info. Use extra caution when giving your username and password, and credit card info out. Most of the information on the WHO website is public info and will not require a username and password.
- Don't feel pressured to make any quick decisions. Cyber criminals rely on your panic instincts and will use this to try and get you to give them your personal information. Take a moment to think of whether or not it is appropriate that you are receiving this request.
- If you did give sensitive information out, don't panic. Change the credentials that you gave out, as soon as you can.
- If you suspect something is a scam report. Trust your gut. If you think something is wrong, report it! This will help to spread awareness about the scam and help organizations to block potential scammers. To report a scam to the WHO please follow the instructions here.
While these are somewhat specific to the WHO, the preventative steps are still just as relevant to keep in mind for any other phishing scams. Make sure that you are monitoring all your accounts and report any suspicious activity or emails.
For questions about what to do if you’ve opened a phishing scam email please check out this knowledge base article and alert ITS by emailing email@example.com or calling (718) 862-7973.