Phishing and COVID-19


Phishing in the years of COVID-19

The COVID-19 pandemic is changing the way many organisations are working. The increase in remote activities, such as teleworking or emails, has created the perfect conditions for cyber fraud schemes.

One of the most common fraud is Phishing, where Cybercriminals disguise themselves as reliable sources (by sending emails or creating websites that look authentic) to trick users into revealing their personal information or clicking on malicious links or attachments, unwittingly downloading malware to their computers. 


How to recognize Phishing

The emails sent usually:

  • Looks identical to messages from the "real" organisation;

  • Claims to enclose important information or breaking news;

  • Try to create a sense of urgency or demand immediate action;

  • Ask you to download and/or click on attachments and links;

  • Has some spelling mistake in the sender address.


How to Protect against Phishing Attacks

There are a few steps you can take to stay safe when you go online:

  • Never share any personal or financial information or passwords to anyone via email.

  • Check whether the email domain matches the organisation that the sender claims to be from;

  • Check the link in the email are the same as what appears in the email before you click;

  • Keep an eye out for spelling and grammatical mistakes in the email or website;

  • Visit websites by typing the domain name yourself, rather than clicking on a link;

  • Notify your colleagues to prevent other people from being victimised


You are the victim of a Phishing attack. What now? 

If you are a victim or suspect to be the victim of a Phishing attack, inform the person in your organisation responsible for cybersecurity.

There are also a few actions you can take immediately to prevent further damages:

  • If you have downloaded a suspicious software, update your computer’s security software and run a scan;

  • If you entered login credentials in a suspicious website, change the credentials on the "real" website;

  • If you have provided your bank details, contact your bank or credit card company;





If you want to know more about Phishing and how to protect yourself, stay tuned for our Phishing Cybersecurity Risk Awareness Webinar Series.

You can learn about past edition on Awareness of Password Weaknesses and SQL Injection.