How to stay protected against COVID-19 scams

ramsac cybercovid 1 e1585644078953

Cybercriminals are unscrupulous people who will capitalise on anything to extort money from individuals and organisations. The current Covid-19 (coronavirus) pandemic is no exception. Since the early days of the virus, we’ve seen hackers exploiting people’s fears by sending phishing emails and messages related to the Coronavirus.  And at a time when many organisations have taken their eye off the importance of IT security to focus on their immediate response to the UK lock down, the impact of these attacks has been greater than ever. In this blog, we explore some of the latest coronavirus cybersecurity scams that are currently circulating. 

The WHO Scam

World Health Organization logo

Cybercriminals have started posing as the  World Health Organisation to steal money and information from the public. The attacks range from fake landing pages, downloads and malicious email attachments all relating to the coronavirus outbreak. 

In a recent press release, the WHO said: “If you are contacted by a person or an organisation that appears to be from WHO, verify their authenticity before responding”. 

HMRC text message

Tax refund message

Almost as soon as the Government had announced greater support from HMRC, we started to see text messages supposedly from HMRC, promising a goodwill tax refund if recipients just follow the link. 


On closer inspection, there are grammar mistakes in the text, and HMRC has confirmed that they would never text you a link for claiming a tax refund. If you look closely, you’ll see that the link does not look like a legitimate link to HMRC or which is a classic sign that an offer is too good to be true.  If you are unsure about any text messages, you receive you should always call the company to call to verify the legitimacy of the message. 

City Council text message

Tax refund message

This example of smishing (a form of phishing where someone tries to trick you into giving them your private information via a text or SMS message), is this text supposedly from the ‘City Council’ again stating that they want to give you a tax refundNote that they have even managed to spell Covid-19 wrong! often poor grammar in the message is a clue – but these are desperate times and people have been falling for this message.  

UK GOV website

Tax refund website


The website has been realistically copied in order to lure people into sharing personal information, in this example, the website looks similar to the site, however, the URL does not look legitimate. The poor spelling also pointto the fact that this is fraudulent website, note they have called it the COVID-19 Relieve scheme instead of COVID-19 Relief scheme. 

GOV UK Email

Tax refund email

And on a similar theme, we’ve also seen this email, claiming that the Government has taken action to provide people with a tax refund.  This imitated GOV UK with the email design and also had links for the recipients to click on to “Access their funds”. 

We’ve said it before – but this just isnt how the Government would proceed – they wouldn’t ever make it that simple! Remember, if it looks too good to be true – it probably is! 

Email screenshot

In the example above (source: Cofense) the email is directly impacting people’s fears by giving false information on the current pandemic by suggesting that the virus is airborne. This email has been created by using the legitimate Centres of Disease Control (CDC) emails but it has been sent using a spoofing tool. By sending an email of this kind during a period of such high stress and uncertainty, cybercriminals are capitalising on people’s fears to trick them into giving out their details.  

Microsoft Teams  

Recently there have been reports of phishing scams through Microsoft Teams. According to Tech radar, criminals are using fake Microsoft Teams alerts to try and gain Office 365 access to compromise peoples accounts. If the user clicks on the link via a fake Teams alert, it takes the user to an imposter landing page which will ask for personal details and can result in a data breach.  There has generally been an increase of hacks through video conferencing channels due to the rise of users during the coronavirus pandemic 

It is vital that people are taught how to spot the signs of a phishing text, email or website, to protect themselves and the organisation they work for. 

The UK government has recently been working with various social media firms to help to stop the spread of fake news and dangerous content, and they will shortly be re-launching their ‘Don’t feed the beast’ campaign to help the public think about the content that they are sharing on the internet. More information can be found here on the HM Government website. 

The key message here is to be extra vigilant when reading emails and text messages related to the Coronavirus. Many hackers are currently exploiting people’s nervousness through phishing attacks. Many employers have taken their eye off the ball when it comes to cybersecurity as they have taken a ‘do whatever it takes’ approach to getting their people set up to work from home. This is not the time to cut back on your security services, and indeed, perhaps this is the perfect time to get your staff to spend some extra time on cyber awareness training. Do get in touch if you want some ideas on how to best do this. 

Email screenshot

For more information on how to spot phishing messages take a look at our cyber chat video on phishing or our blog on phishing emails.

Related Posts

  • Happy Birthday secure+: How our cybersecurity solution has detected over 8000 cybersecurity alerts in one year

    Happy Birthday secure+: How our cybersecurity solution has detected over 8000 cybersecurity alerts in one year


    secure+ has detected and responded to over 8000 security alerts in its first year [...]

    Read article

  • MFA Fatigue: Multi-Factor Authentication (MFA) is best practice, but it’s not risk free.

    MFA Fatigue: Multi-Factor Authentication (MFA) is best practice, but it’s not risk free.


    MFA Fatigue is a problem organisations need to be aware of, in this blog we break down why and what organisations can do to combat it. [...]

    Read article

  • Data Protection Day – Protecting your information on social media.

    Data Protection Day – Protecting your information on social media.


    The 28th of January is Data Protection day, to mark this day we have created a blog with tips on how people can keep their personal data safe on [...]

    Read article

  • Cybersecurity – The importance of Testing & Training

    Cybersecurity – The importance of Testing & Training


    Many organisations offer cybersecurity training to their staff, but training and testing as a combined strategy provides a much stronger defence against cybercrime. [...]

    Read article

  • Man-in-the-Middle (MITM) attack – Cyber secure series

    Man-in-the-Middle (MITM) attack – Cyber secure series


    Man-in-the-middle attacks mean an attacker has intercepted communications between two people and has altered them in some way. Learn more today. [...]

    Read article

  • Data Protection and Innovation: The Role of the ICO Regulatory Sandbox in the UK

    Data Protection and Innovation: The Role of the ICO Regulatory Sandbox in the UK


    In this blog, we'll explore the concept of the ICO Regulatory Sandbox and its objectives in the data protection landscape in the UK [...]

    Read article