Tips to Deal with COVID-themed Phishing Scams 


The coronavirus pandemic was a new kind of challenge for the medical community because of the unknown factors. And online threat actors actually started using this factor of unknown to carry out phishing attacks. As bizarre as it might sound, not just individual users, but even businesses ended but being the victims of such phishing attacks. The security concerns that stemmed out of this unique way of theft started making people wary of carrying out even legit communication since they were not aware of which ones were genuine and which ones were fake. 

The different ways in which hackers tricked users under the name of COVID pandemic are as follows. 

  1. Fake websites that looked like genuine sellers of sanitizers and masks were created. Since hackers purchased legit domain names and the websites looked so real that users ended up filling their payment details on the malicious websites. As a result, a lot of monetary damage was done. 
  2. Fake emails under the name of WHO were circulated worldwide. Again, the source looked so much like the actual WHO websites that organizations – primarily, the medical community – ended up clicking on the malicious links. 

The widespread use of such phishing tricks was so new that it took people unawares. And with the extent of monetary losses and financial damage that firms and users suffered from obviously made them wary of every such communication. 

However, the COVID related phishing methods were new then, they aren’t really that new now. Not much can be done about the damage that was done earlier, but there are actually many ways in which you can protect your assets from such thefts now. 

A genuine cybersecurity protocol that you can follow to protect sensitive data from advanced malware and phishing attacks are listed below. 

  1. Do not click on any email that’s coming from an unsolicited source or a source that you do not recognize. Report those emails to the web security team of your company as soon as possible. The chances that the same email has been sent and circulated to other employees are very high. So, raising an alert quickly can actually help in stopping a malware attack. 
  2. When an email arrives with attachments, do not click on the attachments directly. Analyze the email carefully before deciding what to do. 
  3. Never click on links that are pasted in the body of the email. Simply copy the text and paste it in a safe software to scan it and avoid clicking on the link completely. 

That said, other than these precautions, some advanced online security techniques that will help are as follows. 

  • Using the MFA technique. 
  • Enabling the use of VPN for remote workers. 
  • Using network segmentation.
  • Patching bugs and vulnerabilities.