From Sophos: Advice on Avoiding Cyber Scams Related to the COVID-19 Crisis

According to Chester Wisniewski, principal research scientist, Sophos

As people’s fear and desire to do something about COVID-19 is dominating the news, it is also being exploited in every way by online criminals. First, Sophos noticed phishing attackers using the World Health Organization (WHO) as a lure. Next, numerous malware gangs began to disguise their malicious wares as COVID-19-themed documents. Now today, we are seeing cyberattackers impersonating WHO charities, this time the COVID-19 Solidarity Response Fund. These emails are fake, but very real looking and take advantage of new and until recently unheard of charitable organizations. The tell-tale clue is the request for Bitcoin, rather than credit cards or other currency. Due to the ability to trace and stop real wire transfers and credit cards, criminals prefer to rely on crypto-currencies to attempt to preserve their anonymity and freedom and the Bitcoin payment request seen here is a sign that something isn’t right about this email. We haven’t seen the novel nature of this attack before – impersonating charities around COVID-19.

Example of COVID-19 Spam

















Any time the public’s interest becomes fixated on a topic, scammers, spammers and malware authors latch on to the news and are determined to find a way to exploit the opportunity. We’ve seen this type of activity in the past, but rarely is the whole world so focused on one thing, making this chance to develop scams a little too good to be true for cybercriminals.

Almost all types of malicious online activity Sophos typically observes right now has in one way or another taken advantage of a COVID-19/Corona theme. There are limitless quantities of spams pitching expensive guaranteed Corona-proof masks, videos on how to construct your bunker and other “guides” to keeping your business or family safe. We have also seen common email-borne malware families like Fareit and Trickbot sending Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO) themed malicious emails. The latest? Spams purporting to be from charities affiliated with the World Health Organization (WHO) asking for Bitcoin donations to assist those on the front lines fighting this outbreak. Whether you trust your government or not, criminals are emailing you to exploit your fear or distrust.

Let’s be clear. If you want advice from those who truly know what is happening, visit the website of your local health authority or ministry of health. Make a bookmark in your browser for the *real* WHO website at, and if you really want to make a financial contribution to those helping us stay safe in this fight, don’t send Bitcoin, but go to the official website for the COVID-19 Solidarity Response Fund at


Real website links for Solidarity Response Fund and WHO: