How to spot coronavirus/COVID-19 phishing emails
You can always trust scammers to not let an opportunity pass them by. Just a week into the pandemic and a few weeks into the coronavirus/COVID-19 situation, phishing emails offering click to cure scams, virus tax refunds, good practice attachments, CDC advice and even fake donation pages to help those with coronavirus/COVID-19 have all appeared. All of them are fakes.
We have seen all five of those phishing email scams and there are probably many more besides.
Given how worried people are around coronavirus/COVID-19, the search for reliable information and the urge to latch onto information no matter how unreliable it might be can be overwhelming. However, the vast majority of the emails you will see on the subject of coronavirus/COVID-19 will be fake.
So how can you spot a phishing email? These tips work on the new breed of coronavirus/COVID-19 phishing emails as well as existing phishing campaigns.
How to spot phishing emails
There are a few giveaways to most phishing emails if you know where to look. Here are some sure signs that emails offering to help you manage coronavirus/COVID-19 will actually do the opposite.
Check the sender
First question. Would the CDC (US Center for Disease Control), the Inland Revenue, World Health Organization or some random entity email you directly with advice? The answer is no, they wouldn’t. Unless you signed up to news alerts from the organisation in question, any email you receive on the subject will be fake.
These organisations will alert you using TV announcement or through press conferences. They would not email people. They have way too much going on right now to be able to space time for this!
Second question. Does the sender’s email look legit? If the email says it is from Inland Revenue but has a sending address of billysmith@covidinlandrevenue.co.uk, it isn’t going to be real. Some spam can mask the sending address but if you look closely at the sender, you will likely see that it has nothing to do with the organisation.
Check the subject
Many of the emails we have seen say something like ‘New nCoV Safety Measures’ or ‘New Programme Against COVID-19’. Is this subject plausible? Similarly to checking the sender, would CDC or Inland Revenue send an email like this? Would your bank send you an email giving you a supposed download of supposed COVID-19 safety methods?
Would the CDC, based in the US send a British user an email asking them to click a link to show all listed cases in their area? Would the CDC even be able to make that kind of information public in their own country?
If the subject of the email is not plausible, it is likely a phishing email.
If in doubt, contact the organisation directly using their publicly listed phone number or email address. Do not use any phone number or email listed in the email.
Check the spelling
Despite the prevalence and ease of use of spellcheck, many scammers don’t seem to be able to use it. Admittedly, for most scammers, English would be a second or third language. However, this works in our favour.
As a copywriter and editor, I know all too well how fastidious large organisations are about being represented to their very best and will require several editing passed before any public announcement, even an email is approved. While this is no guarantee that an email will not contain any spelling errors, it is a good guard against them.
If you see obvious spelling errors, poor word choice or phrasing that doesn’t sit right, the email is likely phishing.
Again, if you’re concerned, contact the organisation directly using their publicly listed phone number or email address. Do not use any phone number or email listed in the email.
Check any links within the email
You should never, ever follow a link within an email unless you know the sender and/or have requested emails from the sender. If the email comes out of the blue, just delete it.
If an email contains links, hover the cursor over them and check in the bottom right corner of your browser or the highlight box in your email client. Be careful not to click the link, just hover the cursor over it. In the vast majority of cases, the text you see in the link will look nothing like the text in the link.
Furthermore, the text in the link will likely have nothing to do with the organisation who sent it or the page the link is telling you it leads to.
For example, email might say it is from the CDC, the link might say ‘Link to new safety information’. Hovering over the link might show ‘https://www.hahahimahacker.com/qwertyuiopzxy. This is a sure sign of a fake link.
Check the time and conditions
Many phishing emails will say something like ‘urgent action required now’ or ‘this action could save your life, act now!’. This is classic scare tactics that feeds of our desire to not miss out. We use these in marketing all the time to create urgency and to convert the reader to action.
Phishing emails use them too because they work. Given the high stress environment we are currently living in, an already effective sales tactic works even better than usual.
No official organisation will use scare tactics to prompt you to action. They realise all too well that we are under enough stress as it is without adding more.
One simple rule to avoid phishing
There is a simple rule you can follow to avoid 99.9% of phishing emails:
If you don’t know the sender or didn’t ask for the email, delete it.
It’s that simple. If you know the sender or have actually asked for email alerts from organisations, you will likely receive them. For everything else there is the Delete key.
If you want to stay informed about coronavirus/COVID-19, visit the World Health Organization website. Check this link by hovering over it, it’s real!
Don’t rely on social media, don’t get your news from Facebook. Go to official sources. It’s the only way to be sure with so many scams around.
Good luck out there!
