The Pandemic Phishing

Just when you thought pandemic has slowed things down, the hackers and scammers came out of their shells a little bit more. People are getting scammed in the name of Covid-19. it looks like the number of Covid-19 cases and phishing cases are increasing day by day. Even if the number of infected people are decreasing, the scammed people aren’t.

To spread the phishing scams hackers are taking advantage of health scares. Infected links and attachments are being sent through mails, messages and social media posts. Being aware about these scams has become way too necessary. This Covid-19 phishing scam, like any other scams, can be really harmful so it’s better that you go and find a sure solution for it.

It is very obvious that if someone sends you a mail about Covid-19 or anything else associated with it in a pandemic then you’ll open it. That’s how these phishing scams are running and we, being unaware about it are suffering. The attackers will send you e-mails claiming to be from a legitimate organization containing information about the Corona Virus. It is very easy to infect your system with such mails, links and attachments without even letting you know. What do we do about it then? Let’s see that in this article.

Dealing With COVID-19 Phishing Scam:

The first thing is to spot a Covid-19 phishing mail. Here’s how you can do it:

  1. Health advice mails: Hackers know it very well that people are looking for reliable health advice to protect themself against corona. So they are sending you emails in the name of health advice claiming to be from a reliable source. The mail may provide links stating it to be the “Safety guidelines for beating this pandemic”. if you click on that link it will lead to the download of malware.
  2. CDC Alerts: Cybercriminals will send you an email claiming it to be from the U.S. Centers for Disease Control. It may claim to have a link showing lists of infected people in your neighborhood or the safety hazards that you need to follow for being safe. They will lead you to some fake page or may hang your system which means your system has been infected.
  3. Workplace policy emails: Employees from different organizations and workplaces are being targeted by hackers and sending them emails that claim to be from their workplace. These links and attachments will again lead you to the path of malware download.

You should know how to recognize, avoid, and protect yourselves from such phishing emails the minute you see them and here are some ways to do that:

  • I’ll be very clear with the fact that no Legitimate Government Agency will ever ask you for your personal information like Social security number or any login information. They don’t need it. So if any email claiming to be from a legit government agency is asking you such a question then it is a red flag. Completely avoid such mails, don’t open them or the links and attachment contained in that mail.
  • The urgency or emails asking you for an immediate response can be a phishing mail. You don’t have to react on it. Hacker’s main goal is to achieve your personal information as soon as possible so that they can scam you at that very instant. Delete that mail as soon as you receive it.
  • You should also look for generic greetings. One characteristic feature of phishing emails is that they won’t use your name. Instead, they will address you like “Dear Sir or Madam”. It’s your cue to go and delete the mail, else you can get scammed.
  • Always, I repeat, always check for any type of error in your mails. It can be anything like grammatical errors, spelling mistakes, errors in punctuation. Any mail containing such mistakes is a phishing mail for sure. Look closely and save yourself from getting scammed.
  • To protect yourselves from phishing emails you can secure your system with security software. Set it to update automatically so that it can deal with all the online threats and attacks non its own.
  • Multi-factor authentication is one good way to protect your system from any cyberattack. All you have to do is to add two or more credentials to log in to your account. It can be of two types:
    • Scan of your fingerprint, your face, or retina, basically something that you are.
    • Code you got through text or any authentication app, basically, something you have or you got.
  • Backing up your data is a very important step if your system somehow gets hack. You can make a copy of a; your data and keep it safe in a hard drive or cloud storage.


Phishing- How to prevent it?

If you are familiar with the term Phishing then you may also know that earlier phishing techniques were pretty common. You may have seen or heard about bogus websites that look really similar to the original ones. It is a well-known fact that hackers are always trying to steal your information for their own benefits. This article will talk about phishing and how there are different types of it.

What is Phishing?

The most irritating thing about Phishing is that, that we know how it may happen but we still can’t do anything about it. Sometime people just fall into this Phishing scam and don’t know what to do.

Now what actually is phishing is the matter of concern. Phishing can be defined as a cyber crime that takes place by targeting people through emails, texts etc. Where they (hackers) pose as some legitimate institution and lure people in providing them their personal information such as passwords, credit cards and bank details.

Once the hackers get this information they can hack into your systems or take money out of your account in no time and not even giving you time to react. Here are some of the common features of phishing.

  1. First of all, they are too good to be true. They look so eye catching and have statements that will surely catch public attention. This can be about winning any lavished prize, money or a trip, anything that lures people. It is a red flag! Do not click on such links.
  2. Receiving any unexpected mail can also be a sign of phishing. There can be attachments on that mail carrying payloads such as ransomware or any other type of virus. So don’t open such kind of attachments.
  3. One of the most common features of phishing can be hyperlinks. Whenever you click on such links, which you should not, it redirects you to some page that will look familiar to the original one. You have to look closely and find flaws if you find that page suspicious.
  4. If you sense urgency then it means hackers are trying to trick you. One of the most common characters of phishing includes this. They may tell you that this sale ends in a minute or offer is valid for just a few minutes. You may get mails stating them. The best thing you should do is to avoid them.
  5. Sometimes you can get suspicious emails or messages from unknown or even known people. If you find it suspicious then you don’t have to open it. You aren’t obliged to do it even if that suspicious mail is from someone you know.

Types of Phishing

Nowadays hackers have found different ways to scam us and some of the most common phishing methods are mentioned below.

  • Email phishing: It is one of the most common phishing techniques you can see. As the name indicates the phishing attacks are sent by mail. The hacker will register a fake domain that highly resembles the original organization. The fake domain name can contain character substitution like writing “m” and “rn”. Consent phishing is also there which is basically works by tricking users into granting access to a malicious app to get the personal information of the user
  • Spear phishing: This is one type of sophisticated phishing that involves the use of emails. Here malicious emails are sent to a specific person. This type of phishing is possible only when the hacker/attacker has all the information about the victim like their name, email address, place of employment, job profile, and specific information regarding that too.
  • Smishing and vishing: Smishing and vishing involve two steps. Smishing means sending malicious texts (just like email) to a person and vishing means having a telephonic conversation. A very common example of this technique is getting fake calls from a fraud investigator and them telling us how our bank account has been breached. They then ask for our card details for identity verification to move our money into a secure account. Once they get the details, they (the attacker) transfer our money into theirs.
  • Whaling: Whaling attacks target someone like a senior executive of a company, with a bit more subtle way. It is actually very obvious that attackers can’t fool the executives by these malicious links, emails, or text messages. They are very much aware of it already. Here bogus tax returns are used to trick them and are a common type of whaling. This trick is used by the attackers as it involves following useful information like name, address, bank account details and social security numbers.
  • Angler phishing: Social media has come up with new techniques to trick users like fake URLs, duplicated websites, tweets, posts, and many other things as well. By using these techniques attackers can make people download malware (unknowingly) or give personal information. This trick is really common and effective for attackers because almost everyone uses social media on a daily basis.

So this article concluded some basic information about phishing and its types. You can see and know if someone is or will ever try to phish you. The bottom line here is only you can save yourself from being phished by knowing these common do’s and dont’s.