As uncertainty and worry over the COVID-19 pandemic continue to mount, some scammers are capitalizing on the panic through phishing attacks designed to lure people into sharing sensitive information or downloading malicious software.
To keep yourself safe, here are some red flags to watch for as you sort through your inbox.
1. Emails that appear to be from trusted organizations
Cybercriminals often pose as officials from trusted organizations like the Centers for Disease Control and Prevention (CDC) or the World Health Organization (WHO). They buy domains that look legitimate, like cdc-gov.org, which is similar to the CDC’s real domain, cdc.gov. Before you click on any links, make sure the website matches the organization’s official domain.
2. Emails that request money or personal information
The COVID-19 outbreak is a rapidly evolving situation, and most emails you receive from trusted organizations will be informational. One sign of a phishing attempt is an email that asks for money or for sensitive information, like your bank account or social security number.
Don’t hand over any of your personal information or make payments or donations before thoroughly researching the source of the email. And remember: Neither the CDC nor the WHO accept payment via Bitcoin.
3. Emails offering cures or treatments for COVID-19
Some scammers are profiting off of fear by selling fake cures for the coronavirus. You may receive an email from someone offering a vaccine or treatment, but there are currently no over-the-counter products available in stores or online that will treat or cure COVID-19, according to the Federal Trade Commission.
4. Other warning signs.
If an email seems suspicious for other reasons, it could be a phishing attack. Phishing emails often have bad spelling and grammar, use generic greetings like “Dear sir or madam,” and create a sense of urgency by pushing users to act quickly, according to Norton.
For the latest official coronavirus information, head directly to the CDC or WHO websites. If you receive an email and you aren’t sure if it’s a phishing attempt, follow the FTC’s tips for recognizing and avoiding phishing scams.