The spread of Coronavirus has now made it an increasingly common topic which criminals are attempting to exploit for their own gain.
These attacks are usually repackaged and reimagined versions of pre-existing ones. Spam messages are using news sources as a way to appear legitimate whilst attracting potential victims to click on malicious links or download suspect files.
COVID-19 themed phishing emails have increased in prevalence over the past few months with fraudsters claiming to be related to a reliable source such as the World Health Organisation (WHO) or the Centres for Disease Control and Prevention (CDC).
Other scams have included the sale of face masks. One victim reportedly lost more than £15,000 after the masks ordered were never delivered. Do a little background check for the company you are buying from.
As with all scams, it is best to remain calm and level-headed when considering if an email is a scam or not as the criminals are attempting to prey on the panic and worries of readers.
Don’t click a link until you are certain you know the sender, you should watch out for shortened links for example, these will not show the website’s real name and can be used to trick a recipient into clicking.
You can check links and files on the following website to see if anyone else has flagged the website as suspicious: https://www.virustotal.com/ui-public/index.html
If you wish to visit a website, access it yourself by a web search rather than an email link.
Set up your anti-malware software to scan emails as they are delivered to your inbox.
If you are looking to buy an item from a company and you have not heard of them or trust them, try and research them. This could lead to information and reviews from others about the business, for example try looking at https://www.trustpilot.com/ to see if anyone has left a bad review.
Check the real email address of the sender, the way to do this varies between applications but usually hovering or clicking on the sender will bring up more details. This address can also be looked up to see if others have been affected by them.
Most importantly, if you have any inkling that an email is malicious, it is better to be safe rather than sorry, if you know the person then you should pick up the phone and call them.