Coronavirus Phishing Emails

Cybercriminals Look to Exploit COVID-19 Curiosity

Cybercriminals are leveraging the hype and hysteria linked with the growing COVID-19 pandemic as a tool to steal passwords and data. 

Last week, the Department of Homeland Security issued an official press release to warn the public about a steep rise in phishing attempts related to the COVID-19 pandemic.

As detailed in the press release, cybercriminals are taking advantage of the coronavirus frenzy to steal passwords, data, and money. The release cited the pandemic as being a prime opportunity for cybercriminals because it plays on human ‘fear,’ a strong emotional influencer that often causes individuals to let their guard down and inevitably fall victim to scams.

The storm of COVID-19 information combined with the significant increase in companies adopting a remote work strategy to protect their employees creates the ideal environment for email related scams. With an increased reliance on email to communicate, overall exposure to phishing emails has increased.

What should you watch for?

While the creativity of phishing experts shouldn’t be doubted, the following topics are likely to appear in your inbox.

Health Advice

Emails that offer medical advice to help protect you against COVID-19 are far too common. Typically, near the end of the email is a link for you to “download safety measures.” Do not click the link. Doing so will most likely download malicious software.

Supplier Stock Limitations/Promotions

Health isn’t the only thing being impacted heavily by the virus. With global supply chains struggling to keep up with the demands globally, desperate businesses might look for new avenues to purchase inventory. If a new business pops up in your inbox, refer to third party sources to confirm the existence and trustworthiness of the company instead of following links or downloading attached brochures.

Medical Supplies

If you’re in the medical industry, you’re probably aware of the widespread requests for new pieces of equipment and basic supplies. Opportunities like these are prime targets for criminals that thrive off of large, high ticket purchases like expensive medical devices and supplies.

Workplace Policy Announcements

If you’re reading this, you’ve probably received a legitimate email from your HR department regarding new policies as a result of the coronavirus. Cybercriminals know this is happening in organizations all over the world, so they’ll write an email that resembles a legitimate notice from an HR department.

COVID-19 Statistics

Targeting the natural curiosity about the ongoing outbreak, you’ll likely see emails touting the latest information. Looking for a quick click-bait reaction, it’s best to reference a search engine rather than click the link in an unfamiliar email.

Government Announcements

It’s far too easy for a talented cybercriminal to replicate emails that look like they are from official organizations. With the CDC becoming a trusted source of information, expect to see emails that use the CDC logo or refer to official CDC announcements. Instead of clicking the link, head directly to the official CDC website to look for updates.

Company Related Remote Work Downloads

Modern-day cybercriminals are well informed and often leverage comprehensive social engineering tactics. When receiving emails related to remote work enablement, be sure to verify the source of the email before following any instructions or following any links.

Coronavirus or COVID-19 domain names

Check Point Software Technologies found in a study that coronavirus-themed domain registrations are 50% more likely to be from malicious actors. The following domains are just a handful that were flagged for being suspicious:

• coronavirusstatus[.]space
• coronavirus-map[.]com
• coronavirus[.]zone
• coronavirus-realtime[.]com
• coronavirus[.]app
• coronavirusaware[.]xyz
• corona-virus[.]healthcare
• survivecoronavirus[.]org
• vaccine-coronavirus[.]com
• coronavirus[.]cc
• bestcoronavirusprotect[.]tk
• coronavirusupdate[.]tk

One of the first things you should look at in an email is the domain name attached to the sender and any that appear in the body. If you’re unfamiliar with the source, never click any link present in the email. When it comes to keyword heavy domain names like the ones above, it’s best to ignore the email completely.

What can you do?

One of the best ways to combat phishing is to stay informed and stay aware. When reviewing an email, make it a habit to check the sender. Be conscious of the email’s language and structure, acting with caution if something looks suspicious or inconsistent. It’s best to play it safe when approaching an unfamiliar or suspicious email since it only takes one quick click of a link to install a malicious program.

If you’re settling into a new remote working structure and you get an e-mail asking you to take an action pertaining to work, contact your supervisor. Do not click any links unless you verify them with your supervisor or IT security rep.

In the event you suspect or identify an email to be a phishing attempt, be sure to report the message as phishing. If you’re using Microsoft Outlook, this can be done by pressing the “Phishing” button found in the Junk drop-down menu pictured below.

report phishing button

While phishing is becoming a more common and prevalent challenge to businesses, the ongoing COVID-19 outbreak only amplifies our risk. By following a few basic steps, staying vigilant while reviewing emails, and keeping your team informed, we can help keep our information secure and assets safe.

If you’re searching for a way to improve your business’s information security, give us a call! Our dedicated cybersecurity team can help assess your risks, develop a strategy, and deploy a plan that’s right for your business.

Louisville Geek provides comprehensive managed IT services for a diverse range of businesses and non-profit organizations. We are passionate about IT and love what we do!

Stay updated by signing up for our newsletter