CoronaVirus Cyber Security Threats
DigitalBank Vault® provides sophisticated Digital Anti Surveillance technologies: military-grade encryption devices for ultra-secure anonymous communication (voice calls & text messaging) with untraceable file transfers & storage solutions
Privacy is Priceless
Criminals are disguising themselves as WHO to steal money or sensitive information. If you are contacted by a person or organization that appears to be from WHO, verify their authenticity before responding.
The World Health Organization will: never ask you to log in to view safety information never email attachments you didn’t ask never ask you to visit a link outside of www.who.int never charge money to apply for a job, register for a conference, or reserve a hotel ever conduct lotteries or offer prizes, grants, certificates or funding through email never ask you to donate directly to emergency response plans or funding appeals.
Beware that criminals use email, websites, phone calls, text messages, and even fax messages for their scams. You can verify if communication is legit by contacting the WHO directly.
Phishing: malicious emails appearing to be from WHO
WHO is aware of suspicious email messages attempting to take advantage of the 2019 novel coronavirus emergency. This fraudulent action is called phishing.
These “Phishing” emails appear to be from WHO, and will ask you to:
give sensitive information, such as usernames or passwords
click a malicious link to open a malicious attachment.
Using this method, criminals can install malware or steal sensitive information.
How to prevent phishing:
Verify the sender by checking their email address.
Make sure the sender has an email address such as ‘email@example.com’ If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from WHO.
WHO does not send emails from addresses ending in ‘@who.com’, ‘@who.org’ or ‘@who-safety.org’ for example.
Check the link before you click.
Make sure the link starts with ‘https://www.who.int’. Better still, navigate to the WHO website directly, by typing ‘https://www.who.int’ into your browser.
Be careful when providing personal information.
Always consider why someone wants your information and if it is appropriate. There is no reason someone would need your username & password to access public information.
Do not rush or feel under pressure.
Cybercriminals use emergencies such as 2019-nCov to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.
If you gave sensitive information, don’t panic.
If you believe you have given data such as your username or passwords to cybercriminals, immediately change your credentials on each site where you have used them.
If you see a scam, report it.
If you see a scam, tell us about it.
How to Protect Yourself from Phishing Attacks
Here are some helpful tips to protect yourself from coronavirus related scams:
The best thing you can do for yourself and those you work with is to educate and inform. Let those around you know that there is a phishing attack going around and not to open or click on anything that looks suspicious.
Never give another entity login credentials to your email provider. This is personal and private information that should never be shared.
Check URLs before clicking on them. Some might be misspelled, revealing that they are fake. Even hovering over the link will show that the link does not take you to the desired website, and the email should be deleted.
If you come across a phishing email, report it to either your IT department at work or the entity it is claiming to represent. Making the CDC or WHO aware of a phishing attempt will help prevent further attacks.
Do not open attachments from senders you do not recognize or do not typically receive emails from. This is how malware can be transported onto your machine. Instead, reach out to that person and confirm they sent you something. While inconvenient, this one action can potentially save you a lot of trouble in the long run.
If you want to stay up-to-date and informed about the coronavirus, visit the CDC’s website to ensure that you receive the most accurate and credible information.
The emails, are made to look like they are from the Centers for Disease Control (CDC) or World Health Organization (WHO), using domains that are similar to theirs so that the sender appears legitimate.
The email will contain an action-inducing subject line that urges the user to open it, such as “Coronavirus Emergency in Your City.” The body of the email will sometimes contain stolen logos from the CDC or WHO to make it look more official and will contain legitimate information about the virus.
The most-reported attack prompts users to click on a link to find out more about the virus or to see a list of new cases in the area. This link, though, will take users to a fake website where scammers attempt to collect personal information. The cybercriminals then harvest Microsoft Outlook login credentials, which puts both individuals and businesses at risk. By gaining access to someone’s email, the attackers will collect any information within Outlook so that they can directly or indirectly gain access to funds.
Another tactic being used is the attackers will send an attachment or a link, convince users to open it, and then place malware on the computer, which will compromise the information held on that machine and others within the same network.