Coronavirus-themed phishing attacks and hacking campaigns are on the rise

Date published: 
16 March 2020
picture of medical person in protective clothing holding laptop

Cyber experts are picking up a range of attacks being perpetrated online as cybercriminals seek to exploit COVID-19 fears.

Cybercriminals are posing as trusted advisors for Coronavirus Covid-19 and creating malicious emails and/or websites that appear to provide genuine information about the Coronavirus. Targets are encouraged to open malicious attachments or click on malicious links that may infect their device with malware or ransomware. Some of these emails are designed to imply they’re coming from the World Health Organization (WHO) or the US Centers for Disease Control and Prevention (CDC). As with all phishing emails, these appear to be legitimate at first glance.

Picture of an example coronavirus phishing email
Coronavirus Phishing Email

Individuals in the UK have also been targeted by Coronavirus-themed phishing emails with infected attachments containing fictitious 'safety measures.' According to Proofpoint researchers, such attacks have recently become more targeted, with greater numbers focusing on specific sectors like shipping, transport or retail to increase the likelihood of success.

These phishing attacks typically grab the victim’s attention in the subject line, such as “Coronavirus outbreak in your city (Emergency)” and often include the agency’s logo, taken from the real website, to convey credibility. 

Everyone should be extra vigilant at this time and look at our article on Phishing as well as guidance on protecting yourself online in our Protections section.