When it comes to the novel coronavirus, cybercriminals are preying on our fears.
“It could get worse before it gets better,” said Chester Wisniewski, a cybersecurity specialist at the international security firm Sophos. “There are new threats coming out every day.”
Most worrisome are scams where fraudsters are impersonating agencies like the World Health Organization and the U.S. Centers for Disease Control and Prevention.
“Two of the most dangerous ones I worry about are ones that are stealing information that can lead to identity theft,” Wisniewski said.
On one fake website, for example, a user arrives to see the real WHO website, but with a fake pop-up window in front of it asking for a personal email address and password in order to learn about their health information.
Wisniewski also said to beware of email attachments like the one recently linked to the U.S. Centers for Disease Control.
“That one proclaims there is a document attached that is official advice from the government on how to stay safe during the coronavirus outbreak,” he said. “If you try and open that document and it infects your computer with malware, it will try and steal your online banking information and your passwords.”
He advised to never click on unfamiliar links and to think before you act.
“I know people are desperate to get information, but you should be going directly to your provincial health ministry,” he said. “Go to them. Never let it come to you.”
To avoid falling for a scam, Wisniewski also recommends:
- Beware of emails with spelling and grammatical errors
- Check the URL before you click on any link. Does it look legitimate?
- Keep your computer up to date
- If you have given away your password or other personal information, change your passwords on all accounts immediately
- Don’t use the same password on more than one site