Skip to Content
© Monika Wisniewska |
Security & privacy

Coronavirus scams: How to spot bogus sites, emails and alerts

The coronavirus outbreak has been dominating headlines for weeks now. It seems to have impacted every aspect of life, from the stock market taking a huge dive to retailers all over the country selling out of things like hand sanitizer. It’s everywhere.

Sadly, misinformation about the disease is also spreading fast. That’s why it’s important to find accurate information from sites you can trust. Tap or click here for the most accurate coronavirus infection map on the web.

Fake news isn’t the only thing to watch out for. Now, scammers are taking advantage of people’s fears over the disease and using it spread malware.

L’apparenza inganna (appearances are deceiving)

There has been a malware variant around for a few years now that has been a problem across the globe. It’s known as TrickBot and first emerged sometime in 2016.

Well, it’s back.

Scammers have started a spam campaign designed to play on people’s fears about the coronavirus. They are sending spoofed emails that are supposed to look like they come from officials with the World Health Organization.

The emails have a Word document attached that claims to be a list of precautions you should take to avoid being infected by the coronavirus; however, the Word doc is malicious and if you click on it your device could be infected with TrickBot malware.

RELATED: How to prepare your business for the coronavirus

Researchers at SophosLabs first spotted this tricky phishing campaign spreading in Italy. What makes it especially dangerous is how real the messages look.

They claim to be coming from an Italian official with the WHO and urges people to read the attached document for the safety of their health. The cybercriminals behind these attacks even use some official coronavirus infection numbers in their emails to make them seem real.

But don’t be fooled, it’s a total scam. Nothing more than an elaborate phishing attack used to infect your device with malware and rip you off. Also, it was first discovered in Italy but these types of phishing attacks will most likely spread globally, so you need to keep your guard up.

How to avoid coronavirus scams

Macros are not your friends

As with most phishing attacks that have Word docs attached, cybercriminals are relying on you to enable macros. Enabling macros allows the malicious document to infect the victim’s device with malware.

So your first line of defense is keeping macros disabled and not turning them on when instructed through unsolicited emails. Asking you to enable macros is a sign that you’re under attack.

RELATED: Online marketplaces are full of phony coronavirus gear

Only trust official websites

© Artur Szczybylo |

Scammers always piggyback on huge stories like the coronavirus spreading. That’s why we’ve seen more than 4,000 new coronavirus-themed domains registered since January.

According to Check Point researchers, of those 4,000 sites 3% were flagged as malicious and another 5% as suspicious. That is 50% higher than the malicious rate during the same time period for all other registered domains.

Many of those sites will be used for phishing attacks, tricking victims into handing over sensitive information that will lead to all kinds of problems like identity theft or online account takeovers. Or the malicious sites could infect your device with malware or ransomware.

That’s why it’s critical only to go to official websites if you’re looking for information on the coronavirus. Stick with sites like the Centers for Disease Control and Prevention or WHO.

And make sure to type web addresses directly into your browser to make sure you’re not led to a spoofed site. The CDC website is and the WHO site is

Doing a simple internet search for any website could bring up spoofed sites as a result. Scammers are great at making fake sites look official and you don’t want to be messing around on those.

Be careful with unsolicited messages

One thing to keep in mind is the CDC and WHO will not send you email updates on the coronavirus out of the blue. If you get an email or text claiming to be from either organization, don’t click links or attachments that are included.

That’s actually great advice for any unsolicited email you receive. If you get emails from companies you do business with, it’s better to type their web addresses directly into your browser rather than follow a link from a message that could be malicious.

If you need to contact your bank, call the number on the back of your credit or debit card to know it’s the official phone number.

The coronavirus outbreak is bad enough on its own, the last thing we need is shady people piling on looking to rip us off. Just follow the suggestions we’ve detailed in this article, stay cautious and you should be safe. Oh, and don’t forget to wash your hands.

Tech smarts in 2 minutes a day

Get my Daily Tech Update and the Digital Life Hack. Just one minute each and arm you with the tech knowledge you need to impress your boss and friends with how smart you are.