Scammers will always try to take advantage of various situations to exploit people – and the current pandemic has been no different. People are scared and looking to do what they can to prevent themselves catching or transmitting it – and scammers are preying on that fear. We’ve received numerous attempts ourselves – although some of them are caught and dealt with by spam and security filters, some can still slip through the net, and it pays to be aware. These kinds of scams are known as phishing scams – as they “fish” for user data – and we’re trying to help as many people as possible avoid being hooked!
At the moment, of course, there are many different emails circulating about topics related to COVID-19. How to prevent yourself from catching the disease complete with a fake link, others pretending to be from the WHO offering “tips” in an attachment – which later turns out to be a keylogger or trojan. In light of some of the government measures introduced, there have also been fake tax rebate emails, asking people to click on a link and enter their details (into a fake website that looks just like the real thing) to claim their refund. We’ve seen scam emails touting vaccines (for a price) or even offering fake COVID-19 testing – all of these are intended to prey on the current vulnerabilities and worries of the general public.
Typically, people will trust official-looking emails far more than they should. There is no tactic that scammers and phishers will not use – if they think it’ll be successful, they’ll use any avenue to exploit people – including using the logos and names of government or global organisations.
A common tactic is to attempt to instil some sense of urgency into the reader – “you must contact us within 24 hours as you or someone you know may be infected” or “this is a time-limited vaccine offer”. Sometimes they will ask the reader to click on a link or open an attached document for more information.
Never open an unexpected attachment, and never follow a link to enter personal details, even if the email seems to be from a reputable source, such as the NHS, WHO, or HMRC. COVID-19 phishing scams are relying on people’s trust in government and official agencies to be successful.
If an email has you concerned, navigate to the site yourself by typing the address into your browser. It’s easy to place fake links into emails, and although there are methods to easily spot this kind of scam, people still fall for it more often than they should.
If you’re still concerned, you can always call the relevant government agency or the NHS – use the phone number on their website. Never call a number in an unexpected email – as scammers also use this method to target people!
Next week we’ll be talking about how to spot more everyday email scams – stay safe!