COVID-19. That’s what the World Health Organization has named the new coronavirus. As of this past Thursday, there were 15,152 new coronavirus cases reported in China alone, with more than 60,000 worldwide cases in 28 counties and at least 1,357 deaths reported. All but two of the deaths occurred in China.
Grim daily news reports regarding the quick-growing outbreak have led to lots of misinformation, rumors and even panic. With the rapid expansion and scope of the coronavirus outbreak, it has also spurred an escalation by con artists to prey on people’s fears.
The coronavirus scams have been mostly online so far. Cybercriminals rolled out classic malware and email phishing campaigns.
There have been several malware attacks through emails containing malicious Word documents, PDFs and MP4s that supposedly contain information about coronavirus prevention and protection. The scammers’ hope is to trick unsuspecting consumers into opening files or documents that promise information about the virus. Upon opening one of the bogus documents, the victim’s device becomes infected, allowing access to enormous amounts of financial and personal information.
According to the malware-fighting firm Malwarebytes Labs, it recently discovered an email scam that preys on people’s desires to help during a crisis like this. The scam arrives in a consumer’s email box entitled “URGENT: Coronavirus, can we count on your support today?” The email is supposedly from a generic “Department of Health.” In the body of the email, users are asked to donate to coronavirus prevention causes, saying, “We need your support. Would you consider donating $100 to help us achieve our mission?” Users are urged to click on a link that is disguised as a website but actually opens an application. The link itself does not contain HTTPS or HTTP, but “HXXP” instead. Don’t do it! The application, ironically, installs a virus in the user’s machine.
Security firm Sophos reports an email phishing scam that carries the logo of the World Health Organization and a message. This is the actual wording! “Go through the attached document on safety measures regarding the spreading of coronavirus. Click on the button below to download period symptoms common symptoms include fever, coughschortness of breath and breathing difficulties.” When a link is clicked, you’re taken to a form urging you to “verify” your email and your password.
Fortunately, as you’ve likely realized, with all the typos and grammatical errors, the email above is bogus. However, the simplicity of the scam page is visually effective and uses the actual current homepage of the World Health Organization. Don’t click on or fill out any forms! It’s a scam if the email says it’s from the World Health Organization.
Here are some tips to help you keep the scammers at bay:
• Don’t click on links from sources you don’t know. Viruses could be downloaded onto your computer or device.
• Beware of emails claiming to be from the Center for Disease Control and Prevention. For information about the coronavirus, go to the CDC’s website at cdc.gov/coronavirus.
• Ignore online offers for vaccinations. To this point, there have been no medical breakthroughs.
• If urged to donate to a charity, investigate before sending money. Never give if someone wants donations in the form of cash, gift card or by wiring money.
• If you realize you just revealed your password to impostors, change it as soon as you can. The crooks who run phishing sites typically try out stolen passwords immediately (this process can often be done automatically), so the sooner you react, the more likely you will beat them to it.
We don’t expect the coronavirus scams to dwindle anytime soon, but by using these tips, you can protect yourself from a serious side effect of COVID-19.
Cheryl Parson is president of the Better Business bureau serving West Central Ohio. The BBB may be found on the Internet at www.lima.bbb.org.