Coronavirus: Online and email scams

Cyber criminals often capitalize on the sense of urgency and panic that can result during a natural disaster. And the coronavirus offers these cyber criminals a golden opportunity to do just that. 

For example, a group of cyber criminals are currently posing as the World Health Organization (WHO) through an email scam where they send the recipient an email with an attached document that they say contains coronavirus safety measures. Instead, when the recipient clicks on the attachment, it launches malware designed to steal sensitive patient information, or ransomware that locks up the recipient’s computer network until a ransom is paid. 

In response, the World Health Organization released the following statement: 

“The World Health Organization will:  

  • never ask for your username or password to access safety information
  • never email attachments you didn’t ask for
  • never ask you to visit a link outside of www.who.int 
  • never charge money to apply for a job, register for a conference, or reserve a hotel
  • never conduct lotteries or offer prizes, grants, certificates or funding through email” (1)

They add that the “only calls for donations WHO has issued is the COVID-19 Solidarity Response Fund…Any other appeal for funding or donations that appears to be from WHO is a scam.” (1)

It is always a best practice to not click on links or attachments in emails from unknown or unverified senders. These links may contain malware, ransomware, or spyware designed to steal sensitive patient information or to download a virus onto your computer. 

The Federal Trade Commission (FTC) also warns against online offers for coronavirus vaccinations. Ads and sales pitches informing you of a medical breakthrough are highly illegitimate. 

The U.S. Securities and Exchange Commission (SEC) also warned against messages encouraging you to invest in a company claiming to produce products that prevent, detect, or cure the coronavirus. The SEC also asks that “submissions of tips, complaints, or referrals relating to suspected securities fraud or wrongdoing can be made online at https://www.sec.gov/tcr.” 

Be aware of persuasion tactics employed by cyber criminals, and visit our Cyber Page on the Resource Hub for more information about cyber security and best practices. 

Source:
Beware of criminals pretending to be WHO. World Health Organization website. Available at https://www.who.int/about/communications/cyber-security. Accessed March 14, 2020.  

 

Previous Article
Coronavirus: Plans for your practice
Coronavirus: Plans for your practice

As more is learned about coronavirus, it is important to remain aware of tangible actions your practice can...

Next Article
HIPAA and the coronavirus
HIPAA and the coronavirus

HIPAA and public health emergencies: updates from the OCR