Coronavirus: Online and email scams

March 14, 2020

Cyber criminals often capitalize on the sense of urgency and panic that can result during a natural disaster. And the coronavirus offers these cyber criminals a golden opportunity to do just that. 

For example, a group of cyber criminals are currently posing as the World Health Organization (WHO) through an email scam where they send the recipient an email with an attached document that they say contains coronavirus safety measures. Instead, when the recipient clicks on the attachment, it launches malware designed to steal sensitive patient information, or ransomware that locks up the recipient’s computer network until a ransom is paid. 

In response, the World Health Organization released the following statement: 

“The World Health Organization will:  

• never ask for your username or password to access safety information
• never email attachments you didn’t ask for
• never ask you to visit a link outside of www.who.int 
• never charge money to apply for a job, register for a conference, or reserve a hotel
• never conduct lotteries or offer prizes, grants, certificates or funding through email” (1)

They add that the “only calls for donations WHO has issued is the COVID-19 Solidarity Response Fund…Any other appeal for funding or donations that appears to be from WHO is a scam.” (1)

It is always a best practice to not click on links or attachments in emails from unknown or unverified senders. These links may contain malware, ransomware, or spyware designed to steal sensitive patient information or to download a virus onto your computer. 

The Federal Trade Commission (FTC) also warns against online offers for coronavirus vaccinations. Ads and sales pitches informing you of a medical breakthrough are highly illegitimate. 

The U.S. Securities and Exchange Commission (SEC) also warned against messages encouraging you to invest in a company claiming to produce products that prevent, detect, or cure the coronavirus. The SEC also asks that “submissions of tips, complaints, or referrals relating to suspected securities fraud or wrongdoing can be made online at https://www.sec.gov/tcr.” 

Be aware of persuasion tactics employed by cyber criminals, and visit our Cyber Page on the Resource Hub for more information about cyber security and best practices. 

Source

Beware of criminals pretending to be WHO. World Health Organization website. Available at https://www.who.int/about/communications/cyber-security. Accessed March 14, 2020.  

COVID-19 resources
This is a developing issue, and we encourage you to use the following resources to stay informed with the most up-to-date and reliable information:

• Texas Medical Association (TMA) COVID-19 Resource Center
• Texas Medical Board (TMB) COVID-19 page
• Centers for Disease Control and Prevention (CDC) COVID-19 resource page
• Texas Department of State Health Services (DSHS) COVID-19 webpage
• The Institute for Health Metrics and Evaluation (IHME) COVID-19 projections
• Johns Hopkins Coronavirus Resource Center
• TMLT Resource Hub - Coronavirus updates and resources