How to Protect Yourself from Coronavirus Themed Phishing Emails

The world, as we know it, has changed drastically over the last few weeks, owing to the COVID-19 coronavirus pandemic. It has brought out the very best in humanity in many ways, but unfortunately it has created an opportunity for internet focused fraudsters and hackers to use it as an opportuniety to exploit the vulnerability of unexpecting people worldwide, and carry out scams such as cyber phishing.

What is Phishing?

Phishing is an attempt by hackers and scam artists to obtain sensitive information such as your credit card details or the login credentials (passwords and usernames) that you use (typically same username and password for multiple websites). The will take the username and password you use on one account type and then try to use the same access details on other platforms to see if they can gain access. The scam typically occurs through email, phone call (Vishing), text message (Smshing) or fake website (Domain Spoofing). Although phishing and other such attacks have been happening for some time, many are now using the current situation to increasingly fool more and more unsuspecting users.

Coronavirus Phishing Emails

Cybercriminals leverage people’s fear and need for information to steal sensitive data or spread malware onto their computers. Malware is software that is specifically designed to disrupt, damage, or gain unauthorised access to a computer system.

Coronavirus phishing emails can take a variety of forms including:

  • Health advice emails – Phishers offer medical advice to help protect against the COVID-19 pandemic. The email may claim to be from a medical expert near Wuhan, China, the epicentre of the outbreak.
  • Workplace policy emails – In these emails, phishers target employees’ office email accounts with fake company policies or forms to complete with personal information. When you click on the attachment, you may end up downloading malicious software (Malware).
  • WHO emails – Intruders may pose as WHO (World Health Organisation) advisors offering advice in embedded links and attachments or asking for donations to a disaster relief fund.

Spotting a Coronavirus Phishing Email

  • Bad grammar and poor spelling – Cybercriminals aren’t known for their spelling and grammar and can often not be from countries that use English as their first language. Professional businesses typically have an editorial team to make sure customers receive professional, quality content. If an email message is  full of spelling and grammar errors, then it’s likely to be a scam.
  • Suspicious attachments – If you get an email with an attachment from someone you do not know, or perhaps an email from someone you do know but containing an attachment you did not expect, it could be a phishing attempt. So avoid opening any attachments until you’ve verified their authenticity.
  • Threats – Such emails create a sense of pressure or panic to get you to respond immediately. For instance, it could include a statement such as “respond by tomorrow”. Or it could talk about repercussions or financial implications if you do not respond.
  • Spoofing – These emails appear to be from legitimate companies/websites but direct you to scam sites.
  • Altered web addresses – This is a form of spoofing where the web URL closely resembles the name of well-known businesses but may be slightly altered; for instance, or
  • Mismatches – The URL and the link text do not match, or the sender’s signature and URL are different.

Tips to Protect Yourself from Coronavirus Themed Phishing Emails

Although fraudsters will undoubtedly attempt to capitalise on the coronavirus pandemic, they’re using the same strategies they have always used. So, as individuals we are fairly used to this type of cyber behaviour. Just try and remember to be especially vigilant during these times and be scepticail of all correspondence and  protect yourself.

  • Activate the protection features of your email service (Spam filtering and virus protection software and settings).
  • Install the latest security updates on all your devices.
  • Verify the email address that is sending you the correspondence to ensure that it is indeed from the legitimate address. For example, legitimate emails from WHO will come from the domain name “”. A good tip is to hover your mouse over the links (don’t click on the link – just carefully hover your cursor over the link) to check that the address that shows while your mouse is hovering over the link is pointing to the real legitimate company address (the URL).  The URL address and email sender should match exactly and be a genuine address and domain name.
  • Never share personal information, login credentials or passwords with anyone over email, the phone or text.
  • Do not click links. A better way is to retype the URL in your browser manually.
  • Do not open unsolicited emails from people you do not know.
  • Avoid emails that demand immediate action.
  • Be very careful with attachments, especially if you don’t know the sender or if the email seems suspicious.
  • Phishing emails are rarely personalised. If they contain generic greetings such as “Dear madam or sir”, it’s a signal that it’s not legitimate.


It’s a good idea to directly visit reliable sources for information about the COVID-19 coronavirus during these worrying times. The correct Irish health care agencies and government offices are the trusted resources for reliable information. For up-to-date information about COVID-19, visit websites like, WHO, Citizens Information or HSA.

Credit: Bob Stokes