While people are preparing themselves against COVID-19 (coronavirus), another threat that has appeared is cybercriminals trying to take advantage of people’s uncertainty and fears.

Recently, the Canadian Centre for Cyber Security (CCCS) has reported several phishing campaigns and malware scams from imposters and fraudsters who are posing as health agencies such as World Health Organization (WHO) and the U.S. Centres for Disease Control and Prevention (CDC).

These scams use a fake website that looks like the real WHO website along with a fake pop-up window in front of it asking for a user’s personal email address and password to gain access to their health information.

People are also warned to beware of email attachments that have been linked to the U.S. CDC.

“That one proclaims there is a document attached that is official advice from the government on how to stay safe during the coronavirus outbreak,” says Chester Wisniewski, cybersecurity specialist at international security firm Sophos. “If you try and open that document and it infects your computer with malware, it will try and steal your online banking information and your passwords.”

The CCCS has released a list of steps for people to avoid falling victim to scams and protecting their information.

  • Make sure the address or attachment is relevant to the content of the email.
  • Make sure you know the sender of an email.
  • Look for typos.
  • Use anti-virus or anti-malware software on computers.
  • Make sure that the sender’s email address has a valid username and domain name.
  • Be extra cautious if the email tone is urgent.
  • If you were not expecting an attachment, verify with the sender.
  • Make sure URLs are spelled correctly.
  • Directly type the URL in the search bar instead of clicking a provided link.
  • If you must click on a hyperlink, hover your mouse over the link to check if it directs to the right website.

Other steps also include using passwords that no one but yourself can figure out easily, keeping all mobile devices, computers, and apps up to date, backing up your data, and protecting your social media and email accounts.