Cyber Security Scam Alert Issued by the World Health Organization
Beware that hackers, cyber scammers, and other criminals are taking advantage of the 2019 Novel Coronavirus pandemic by using fraudulent e-mail messages, Internet web sites, telephone calls, text messages, WhatsApp messages, and even fax messages to perpetuate their scams by attempting to trick you into clicking on malicious links or opening attachments, which can then reveal your user name and password in order to to steal money or sensitive information from you.
If you are contacted by a person or organization that appears to be the World Health Organization, verify their authenticity before responding to them.
The World Health Organization will never:
Ask for your user name or password to access safety information
Send attachments in e-mail messages for which you did not ask
Ask you to visit a link outside of www.who.int
Charge money to apply for a job, register for a conference, or reserve a hotel
Conduct lotteries or offer prizes, grants, certificates or funding through e-mail messages
Verification of the World Health Organization
The only call for donations which the World Health Organization has officially issued is the COVID-19 Solidarity Response Fund, which is linked to below. Any other appeal for funding or donations that appears to be from the World Health Organization is a scam.
You can verify if communication is legit by contacting the World Health Organization directly.
Phishing: Malicious E-mail Messages and Messages Appearing to Be From the World Health Organization
The World Health Organization is aware of suspicious e-mail messages attempting to take advantage of the 2019 Novel Coronavirus pandemic with a fraudulent action called phishing.
These “phishing” e-mail messages appear to be from the World Health Organization in order for criminals to install malware or steal sensitive information, and will ask you to:
Give sensitive information, such as usernames or passwords
Click a malicious link
Open a malicious attachment.
How to Prevent “Phishing”
Follow these steps in order to prevent “phishing” from occurring:
Check their e-mail address. Make sure the sender has an e-mail address such as ‘email@example.com’ If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from the World Health Organization. For example, the World Health Organization does not send e-mail messsages from addresses ending in ‘@who.com’ , ‘@who.org’ or ‘@who-safety.org’.
Check the link before you click. Ensure that the link starts with ‘https://www.who.int’. Better still, navigate directly to the official Internet web site of the World Health Organization by typing ‘https://www.who.int’ into your browser.
Be careful when providing personal information. Always consider why someone wants your information and if it is appropriate. There is no reason someone would need your user name and password to access public information.
Do not rush or feel under pressure. Cybercriminals use emergencies such as the 2019 Novel Coronavirus pandemic to get people to arrive at decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.
If you gave sensitive information, do not panic. If you believe you have given data such as your username or passwords to cybercriminals, immediately change your credentials on each Internet web site where you have used them.
If you see a scam, report it. If you see a scam, tell us about it.
The lowest of the low emerge to take advantage of a situation in which millions of people are suffering in terms of health, finance, and security. Do not let these nefarious individuals win.
If you notice someone attempting to pull a scam on someone else — especially during times of fear and confusion, which is when their chances of succeeding are best — please report them to the proper authorities.