The World Health Organizations: Beware of Coronavirus Covid-19 Scam

As the number of Covid-19 cases continues to increase around the world, cybercriminals are taking the opportunity to exploit individual and organisations. According to the World Health Organisation (WHO), cybercriminals are using methods like phishing e-mails to prey on victims, by pretending to be WHO representatives. With that, they recommend if anyone received an e-mail by a person or organisation claiming to be from the organisation, they should be aware and take the time to verify their authenticity. 

These individuals are always taking advantage of the trending global issue and turn it into a scam. As usual, they will ask for login information, sending unknown e-mail attachments, directing people to a different website other than www.who.int, and also requesting for direct donations to emergency response plans or even funding appeals.

The WHO also stated that the organisation has never done these actions, and warns the people that scams come in the forms mentioned above: e-mails, phone calls, text messages, websites and even fax messages.

To know a little bit more about the activity of the scammers, they send out malicious e-mails which are called "phishing" e-mails. They will try to manipulate people into thinking that the e-mail came from the WHO, and ask for personal information like usernames and passwords, click on suspicious links and even open malicious attachments. Once users fall into the trap in giving their information, the criminals will able to install a software that enables them to gain access to, or damage, computers.

James Forbes-May

We spoke to James Forbes-May VP of Asia Pacific at Barracuda Networks, the email security specialists.  James told us "It's really unfortunate that cybercriminals who use phishing techniques often prey on people's fears. Phishing is successful because it plays with people's emotions. When we are are happy or scared about something we are less likely to use critical reasoning. That's how and why Phishing e-mails continue to work as people react before they think. Even though this is a very high profile example the best practice is no different here, users need to be educated and made aware of the threat, the more we expect it the more chance they won't be fooled. Companies should also remember it's not just posing as WHO that has cybercriminals rubbing their hands with glee. Business is extremely vulnerable at this time with multiple distractions coming as a result of coronavirus such as increased numbers of employees working at home potentially being more susceptible. With average breach detection taking 279 days, it could be well after the dust settles on this current emergency before companies realise the damage has been done. In terms of these fake WHO approaches which are happening right now. An effective first step is for your IT department to e-mail users warning them to look out for this scam, and if they receive anything unexpected from the World Health Organization to check it and seek advice if they are unsure."

While there are many cases going around with criminals pretending to be someone from the WHO, the WHO themselves have provided official advice on how to prevent phishing scams. The following are:
  1. Check the sender's e-mail address and verify if it comes from an official WHO employee
  2. Check the link provided before clicking it
  3. Be cautious when providing your personal information
  4. Do not feel the need to rush or feel under pressure
  5. Do not panic when you gave away your personal information
  6. Report to the WHO if you see a scam.
You might also like
Most comment
share us your thought

0 Comment Log in or register to post comments