As the Coronavirus continues to spread worldwide, so do phishing attacks disguised as helpful information on the outbreak. Security experts report an uptick in phishing messages being sent to businesses and individuals on the topic. Many appear to be checklists and fact-sheets PDFs with information on cleaning or remote work. Clicking on these links or attachments will instead download malware on your machine that can hold your data for ransom or act as spyware.

The World Health Organization (WHO) also reports that hackers are sending phishing emails appearing to come from the WHO. The organization has reminded people that it will never require you to log in to view safety information or email attachments you did not request.

How to avoid phishing attacks

You must be vigilant when receiving an email regarding the Coronavirus. Before clicking on any link or attachment you must:

  1. Verify the sender: Hover your mouse over the “from” line to detect the true sender. If you do not recognize the email address or it does match the organization it claims to be from, do not click.
  2. Check all links: Before clicking on any links in the email, hover your mouse over the URL or button to ensure the link is going where it says it is.
  3. Do not open attachments: Do not open any attachments from an unsolicited email or if you are unsure.
  4. When in doubt, delete: If you are unsure, delete the email and contact the sender or organization directly to verify that they sent the information.

Be vigilant online and remember the 10-second EMAIL rule: Examine Message and Inspect Link. If you receive an attachment or link in an unsolicited email—do not click.