Stay alert for COVID-19 fraudulent emails


Since the government declared lockdown there has been a reported increase in the number of phishing attacks. A number of these have been targeted around COVID-19 communications and the vulnerabilities that come with home working.

What are phishing attacks?

Phishing is the fraudulent use of emails, which appear to come from reputable companies, aimed at gaining sensitive personal information (e.g. login details, financial information, network credentials etc.) They encourage victims to click on malicious links, open malicious attachments or reveal personal details.

Phishing is targeted at both organisations (organisation data) and individuals (individual’s data).

Phishing scams also utilise include phone calls, text messages and social media tools in a bid to trick victims into revealing sensitive information.

Be alert

The Department for Digital, Culture, Media and Sport have recently reported that these cyber-attacks have evolved and become more frequent. Around 46% of businesses reported cyber-attacks and/or security breaches within the last 12 months.

During the current COVID-19 pandemic, many people have been directed to the World Health Organisation (WHO) for updated information. It has been noted that cyber criminals are taking advantage of this and sending fraudulent communications, which appear to come from WHO.

Indications that an email could be fraudulent are:

  • Unusual attachments (.exe files)
  • Unusual links, particularly where these do not match the content of the email
  • An unusual/unrecognised sender
  • Poor spelling and grammar
  • Offers that seem too good to be true
  • Urgent emails about account deactivation/closure

If you receive an email which you believe to fraudulent, please forward it to and delete it from your mailbox. It is vital that you do not click on any of the links/open any attachments. If you are unsure about the validity of an email, you should go straight to the source of the information (e.g. going to the WHO website directly, rather than using the link, if it appears to be suspicious).

Published 6th April 2020

Leave a Comment
Name (required)
Email Address (required, never displayed)
Enter a message

(all comments are moderated - your submission will be posted on approval.)