The global pandemic of COVID-19 has created an urgent need for the most up-to-date information, which can make it difficult for users to ensure they are clicking on reliable resources. Situations like this can play to a fraudster’s advantage. Malicious activity related to COVID has been seen coming through just about every channel: email, social media, text and phone messages, and misleading or malicious websites. Below are some common examples to watch out for:
- Phony charities - There has been an increase in websites seeking donations for illegitimate or non-existent charitable organizations. Fake charity and donation websites will try to take advantage of good will. Instead of donating the money to a good cause, these fake charities keep it for themselves.
- Malicious websites - Fake websites and applications that claim to share COVID-19 related information will actually install malware, steal your personal information, or cause other harm. In these instances, the websites and applications may claim to share news, testing results, or other resources. However, they are only seeking login credentials, bank account information, or a means to infect your devices with malware.
- Illegitimate health organizations - Cyber criminals posing as affiliates to the World Health Organization (WHO), the Centers for Disease Control and Prevention (CDC), doctor’s offices, and other health organizations will try to get you to click on a link, visit a website, open an attachment that is infected with malware, or share sensitive information. This malicious activity might originate as a notice that you have been infected, your COVID-19 test results came back, or as a news story about what is happening around the world. The legitimate site for CDC is www.CDC.gov and the legitimate site for WHO is www.who.int