The World Health Organization (WHO) has released a warning cautioning people about coronavirus-themed phishing attacks.
The recent coronavirus (COVID-19) outbreak has many people on edge, and it’s not surprising that cyber crooks are taking advantage of this situation. It is also not surprising that they are disguising themselves as the World Health Organization to phish people and trick them into installing malware.
The agency is aware of these phishing attempts and has cautioned people to be vigilant if they are contacted by someone claiming to be from the WHO. The Sophos Security Team also reported coronavirus-themed email phishing attempts earlier this month.
The reported phishing attacks are pretty basic and have little effort put into them. They contain many grammar and spelling mistakes, which will be obvious to fluent English speakers. The fake WHO email will likely request that users click on the provided link or download the attached file in order to receive a list of the safety measures or coronavirus symptoms to look out for. Considering how the subject of coronavirus has been dominating the news for weeks now, it would not be all that surprising if people fell for the phishing attempt.
“These “Phishing” emails appear to be from WHO, and will ask you to: give sensitive information, such as usernames or passwords; click a malicious link; open a malicious attachment,” the WHO has said.
Opening an attachment in such an email would infect the computer with some type of malware, which could steal sensitive information, or encrypt files and then demand money for their recovery.
Clicking a link in the email could lead to one of two outcomes. The user would either be redirected to a website that initiates a malicious download, or be taken to a phishing site. The site will likely imitate the legitimate WHO page and ask users to “verify” their emails by typing in their email address and the email’s password before they can access the information. For more security-conscious users, the request to enter the email password will be an immediate red flag.
It is a rather obvious phishing attempt, but unfortunately not everyone can spot one. For someone concerned about the coronavirus, it may seem like a no-brainer to type in the password to get the details about how to protect oneself. However, passwords, particularly for accounts as sensitive as email, should never be revealed to anyone.
The WHO advises users on how to prevent coronavirus phishing attempts
To prevent falling for a phishing attack, the WHO recommends users first verify the sender of the email by checking the email address. Only emails that are sent from addresses ending in @who.int will actually be from WHO.
“WHO does not send email from addresses ending in ‘@who.com’ , ‘@who.org’ or ‘@who-safety.org’ for example,” the agency reminds.
The next step would be to verify the link, if one is provided in the email. A legitimate link will lead to https://www.who.int. It would be best to just not click on any link at all, and instead go to the agency’s website directly.
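The two checks above (sender address ending in @who.int, links leading to https://www.who.int) can be automated for mail triage; the following is an added example, not a WHO tool or code from the original article. The function names and both sample messages are constructed for illustration, and because a From header can be forged, an empty result is a filter pass, not proof of origin.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "who.int"  # the only sender/link domain the WHO names as legitimate

def domain_is_trusted(host):
    """True only for who.int itself or a real subdomain such as www.who.int."""
    host = (host or "").lower().rstrip(".")
    # Exact or dot-anchored suffix match, so 'evilwho.int' and
    # 'who.int.login.example' are both rejected.
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)

def check_message(raw):
    """Return a list of findings for one raw message with unencoded text parts."""
    msg = message_from_string(raw)
    findings = []
    # parseaddr separates the display name (attacker-controlled text) from the address.
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2]
    if not domain_is_trusted(sender_domain):
        findings.append(f"sender domain is not who.int: {sender_domain or '(none)'}")
    body = "\n".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        url = url.rstrip(".,;:)!?")  # drop sentence punctuation glued to the URL
        parts = urlsplit(url)
        if parts.scheme != "https" or not domain_is_trusted(parts.hostname):
            findings.append(f"link does not lead to https://www.who.int: {url}")
    return findings

# Constructed sample: lookalike sender domain and a link that merely contains 'who.int'.
PHISH_SAMPLE = """\
From: "World Health Organization" <alerts@who-safety.org>
Subject: Coronavirus safety measures

Verify your email at http://who.int.login.example/verify to read the list.
"""

# Constructed sample that passes both checks.
LEGIT_SAMPLE = """\
From: WHO <info@who.int>
Subject: Advice for the public

See https://www.who.int/emergencies.
"""

if __name__ == "__main__":
    for name, raw in (("phish", PHISH_SAMPLE), ("legit", LEGIT_SAMPLE)):
        print(name, check_message(raw) or "no findings")
```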
“There is no reason someone would need your username & password to access public information,” the agency says. The United Nations health organization also advises users to be careful when providing personal information and to consider why someone needs that particular info.
Users who have provided their personal information are advised not to panic, and to change their credentials immediately. The agency also asks users to report a suspected scam if they encounter one.