As we all are aware, the global impact of the coronavirus has been devastating. For many of us, it’s turned our lives upside down — which makes this a prime opportunity for criminals to ramp up cyberattacks. 

Cybercriminals know that while we’re worried about our health and our finances, they can play on one of our most basic human emotions: fear. When we’re faced with fearful events, most of us let our guard down, which makes us more likely to fall victim to various social engineering attacks, such as phishing, malicious apps and websites, and even delivery scams.  

Here are a few examples of coronavirus-related scams security teams have reported experiencing:


Hackers sending emails that appear to be from the World Health Organization (WHO), the Center for Disease Control (CDC) or even medical supply companies.

phishing example

Social Engineering

An increase in potentially malicious websites prompting users to click on links with topics such as “Corona Heat Map” as well as emotional requests for donations to bogus charitable causes.


Short message service (SMS) using text messages claiming people may pay a fee for leaving their home during this period when many of us are under shelter-in-place rules. Scammers know they can generate clicks and even prompt us to provide personal information when dealing with home-delivery orders for needed supplies.

smashing example


Telephone fraud in which hackers, skilled at voice inflection, prey on our insecurities and instill a sense of urgency. For example, they may pretend to be from the WHO, requesting usernames and passwords to access safety information or asking for donations. There have also been spam reports related to free COVID-19 testing kits and health insurance.

Social Media

There have been approximately 2 million tweets touting conspiracy theories about the coronavirus over a short three-week period.  While the major players have implemented policies to help stop the spread false rumors, we all need to be aware of the threats and be able to sift through the bogus posts and prompts.  

Don’t fall victim to these unscrupulous, dodgy actors. Now, more than ever, it’s imperative that you keep your guard up and your emotions in check. 

To protect yourself and others and instill safer, vigilant cyber behavior, practice the following security awareness tactics:

  • Be highly suspicious of any message that creates a tremendous sense of urgency through fear or impending crisis. This is one of the bad guy’s favorite tactics.
  • Be skeptical of any emails or phone calls claiming they are from a government organization. Most likely, this is a cyberattack. Instead, you can find the latest updates on the virus on the WHO website, at specific WHO regional offices around the globe or on the CDC website.   
  • Be wary of something too good to be true. This includes claims for cures for the coronavirus or super-low prices on items that are hard to find.

And always remember: YOU are the best defense against cyberattacks.  

Working from home? Make sure you are doing everything you can to create a secure home office. Check out our Top 5 Tips for Working from Home Securely.

Download the Tip Sheet