Coronavirus Phishing Scams: Protect Yourself Against COVID-19 Scams

Coronavirus has forced individuals and companies across the country to adapt and make changes to our routines. Unfortunately, scammers have taken the opportunity to develop new scams specifically tailored to the confusion surrounding COVID-19. 


Phishing scams are commonly used to steal personal information, reports of these scams have increased over the last few months.


How do phishing scams work?
According to Norton Security, “Cybercriminals send emails claiming to be from legitimate organizations with information about the coronavirus.

The email messages might ask you to open an attachment to see the latest statistics. If you click on the attachment or embedded link, you’re likely to download harmful software onto your device.” It is important to note that phishing attempts are designed to look exactly like a reputable site that you are used to, so spotting them can be tricky.

How to spot a phishing scam

  • Beware of online requests for personal information. A coronavirus-themed email that seeks personal information like your Social Security number or login information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data.
  • Check the email address or link. You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. But keep in mind phishers can create links that closely resemble legitimate addresses. Delete the email.
  • Watch for spelling and grammatical mistakes. If an email includes spelling, punctuation, and grammar errors, it’s likely a sign you’ve received a phishing email. Delete it.
  • Look for generic greetings. Phishing emails are unlikely to use your name. Greetings like “Dear sir or madam” signal an email is not legitimate.
  • Avoid emails that insist you act now. Phishing emails often try to create a sense of urgency or demand immediate action. The goal is to get you to click on a link and provide personal information — right now. Instead, delete the message.