Once again, cybercriminals have proved their indifference to morality by exploiting the panic and hype for the horrifying Coronavirus epidemic via phishing attacks. Recently, The World Health Organization (WHO) has warned people about ongoing phishing scams in the wild where the attackers impersonate WHO.
WHO Coronavirus Phishing Scam
The World Health Organization (WHO) has recently warned the public about an ongoing phishing scam. The attackers behind this scam impersonate WHO and exploit the Coronavirus fear.
According to a phishing email spotted by the Sophos Security Team earlier this month, the attackers direct users to the phishing web page by asking them to click on the given link so as to seek information on “safety measures regarding the spreading of corona virus”. Though, the obvious language errors suffice to hint the falsehood of the email.
Consequently, the WHO has issued a general security alert about such phishing scams exploiting their name. As stated in their notice,
WHO is aware of suspicious email messages attempting to take advantage of the 2019 novel coronavirus emergency.
The criminals attempt to steal financial and other details from users through these campaigns. The WHO further warns that scammers may also abuse other means of communication to conduct such scams.
Beware that criminals use email, websites, phone calls, text messages, and even fax messages for their scams.
WHO Recommendations To Stay Safe From Scams
WHO recommends everyone to look for the following to avoid being scammed:
- Look for the presence of “@who.int” in the sender’s email address. In case of any modification to it, the sender isn’t anyone from the WHO.
- Check that the links in the email begin from “https://www.who.int”. As a safe side, it’s better to type the address manually in the browser.
- Be careful while sharing login credentials with anyone.
- In case you have shared login credentials already, change your usernames and passwords.
- No need to rush or panic in response to such emails.
- Report such scams to WHO via their official link.
In the previous month, we reported about a Magecart attack on an Australian bushfire donation website. As a result of this attack, the attackers pilfered the payment card data of donors.
Let us know your thoughts in the comments