How To Protect Yourself From Coronavirus Phishing Campaigns?


7-layers of Security for Your WordPress Site

Your website needs the most comprehensive security to protect it from the constant attacks it faces everyday.


As the world battles with the Coronavirus offline, there are plenty of cybercriminals looking to take advantage of the situation online. With so many people locked indoors and hence, online, there has been a 600 percent rise in phishing campaigns in the last month. If you’ve had a flood of emails asking for donations for Coronavirus infected regions of the world or for a testing kit, you’re not alone.

Unfortunately, in most cases, such messages and emails are scams. Cybercriminals are trying to take advantage of our anxiety in the midst of this global chaos. The emails and messages are a part of phishing campaigns run by cybercriminals whose main motive is to steal money.

Economic experts are predicting a devastating effect on the global economy in the coming quarter. Businesses are going to take a hit, growth is going to slow down, and many are likely to lose their jobs. Given the state of affairs, it’s important to learn about phishing scams and ensure that you don’t become a victim of such scams.

In this article, we will help you understand the different types of phishing scams that we have been observing over the past month. And, we are going to show you the steps you can take to ensure that you don’t fall prey to them.

[lwptoc skipHeadingLevel=”h3,h4″ skipHeadingText=”Final Thoughts”]


What Are Coronavirus (Covid-19) Phishing Campaigns?

Phishing campaigns are malicious operations in which cyber-criminals send emails or text messages with enticing offers. They disguise their emails and messages to make them seem legitimate. Readers are asked to click on links that mostly ask them to share personal and financial information about credit cards, bank details, etc.

In the Coronavirus phishing campaigns, emails are disguised to look like they are being sent by medical authorities like the Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO).

An example is a fake email claiming to have been sent by the CDC. These emails are asking recipients to click on a link to learn about safety measures or new cases in their cities. Eventually, the recipient is asked to share financial details like the bank or credit card details or personal information like social security numbers.

coronavirus who scam

Other forms of coronavirus phishing emails include fake workplace policy emails that appear to be sent by organizations. They target remote employees and include links to log in to fake company pages. The motive is to obtain user credentials.

covid communication disease management policy

In other phishing emails, recipients are requested to donate to help out people affected by the virus as shown in the example below.

coronavirus phishing scam email


How To Protect Yourself From Coronavirus Phishing Campaigns?

So, how do you spot coronavirus phishing mails and protect yourself? The first thing to remember is that the objective of these emails is the same as any other phishing email – to make you click on an embedded link or open an email attachment.

Here are some tips to easily spot a Coronavirus phishing email:

1. Check the email address

Hackers are good at creating fake email addresses that closely resemble legitimate ones. For example, email addresses with the website domain as “” or “” First, determine if these domains are genuine and operational before acting upon the email.

Here are a couple of examples of phishing emails with a fake email address –

covid donation scam

2. Do not click on suspicious links in an email

Cybercriminals include genuine-looking links in the phishing email to make people click on them. However, when the user clicks on them, they are redirected to a different target URL of a phishing site. Before clicking on any such links, hover your mouse over the link and view the URL link where it would lead.

Here’s an example of a fake CDC phishing email containing a suspicious link:

covid phishing scam email link

3. Beware of phishing SMS

Emails are not the sole medium through which hackers target users for phishing. Cybercriminals could also send an SMS with suspicious links. When you click on the link, you are taken to a website that could steal your financial information.

covid scam message

These cases are far sneakier as our mobile phones hardly have the security measures we have on our work laptops or computers.

4. Beware of social media posts

Cybercriminals know that people are on the lookout for virus-related information on social media, and therefore, social media is a fertile ground for these activities.

covid emergency grant scam

5. Do not submit any personal information

As mentioned before, phishing emails aim to obtain your personal or financial information. As a rule, do not submit any confidential information as a response to such emails. Banks or any other legitimate agencies don’t ask for any such data or any login credentials.

covid who scam

Additionally, delete any emails that ask for personal information on an immediate or urgent basis.

Here’s an example of a phishing email about getting a tax refund.

coronavirus phishing email


Final Thoughts

Times of crisis require that we are well-informed and responsible. It is important that we secure ourselves and those around us. Just like we are participating in social distancing and self-quarantining offline to stop the spread of the Coronavirus, let us commit to stopping the spread of such scams and misinformation.

Please share this article with your family members, colleagues, and business contacts. Sign up on our MalCare blog to stay updated on the latest in cybersecurity. Whether it is offline or online, stay safe, stay secure.


You may also like

WPMU DEV Review: Features, Pricing and Details
WPMU DEV Review: Features, Pricing and Details

In a world where time is money, you want tools that save you time, giving you room to make more money. When you manage multiple WordPress sites, your task list…

How can we help you?

If you’re worried that your website has been hacked, MalCare can help you quickly fix the issue and secure your site to prevent future hacks.

My site is hacked – Help me clean it

Clean your site with MalCare’s AntiVirus solution within minutes. It will remove all malware from your complete site. Guaranteed.

Secure my WordPress Site from hackers

MalCare’s 7-Layer Security Offers Complete Protection for Your Website. 300,000+ Websites Trust MalCare for Total Defence from Attacks.