Fake News: Phishing and Email Scams Explode in the Age of Coronavirus 

Corona virus is a global pandemic that has spread quickly and paralyzed much of the world. Unfortunately, that’s not the only threat we face.

Cyber-criminals are using this pandemic to spread malicious activity and fake news relating to the outbreak of the virus. Although countries are taking steps to fight corona virus misinformation, the threats remain rampant. 

What is fake news?

Fake news is a type of news consisting of hoaxes spread via traditional news media or online social media.

Over the past few weeks, for example, the messaging service WhatsApp has had reports of fake news, with some claiming to have “cures” to slow the spread of the virus:

In recent weeks, WhatsApp users throughout Africa and Asia reported a stream of text messages and voice memos in private channels that pitch fake coronavirus cures. Some of the recirculated texts wrongly list garlic, salt water, and a type of tea as natural remedies for the outbreak, even though no treatments exist.”

The Washington Post

Some of the fake news reportedly spreading on WhatsApp include graphics with Unicef branding, even though Unicef has said that the graphics are not from them.

Fake news is dangerous because spreading false hope about cures that do not work could lead to devastating health effects. Moreover, false information ranges from dangerous to downright stupid (consider that CNN found that 38% of Americans wouldn’t buy Corona beer “under any circumstances” because of coronavirus). 

Emails claiming to offer coronavirus cures have been circulating that ask for money. It seems obvious but you shouldn’t hand over your credit-card information, or wire money, when someone emails you about an “exclusive” cure for coronavirus.

To be abundantly clear, there is definitely no link between the virus and any alcoholic beverage and there is also no known cure, so don’t wire anyone money!

But you knew that, right? But do you know how to spot fake news?

5 ways to spot fake news

  1. What is the news source? Look for dedicated, reliable news outlets (ABC, CNN, BBC, the New York Times, the Guardian, etc.), not a special interest blog or forum. And a dedicated fake news site will completely fabricate stories for the sake of website traffic.
  2. Look at the author. Who wrote the news article? If you are reading an article without a byline, that could be a red flag that the article is fake. 
  3. Check the publish date. Sometimes a fake-news writer will take a true story, add some new controversial details, and link something that happened a long time ago to present events. This sensational modification will help the fake news spread quickly, and most times, people don’t fact-check when the events of the story took place. 
  4. Pay attention to fake domains. Another home to fake news can be found on fake domains and phony news sites. Always pay attention when looking at URLs — for example, look closely at the differences between https://abcnews.go.com and https://abcnews.com.co. 
  5. Research photos. Does the story you’re reading have a photo associated with the news, and is that photo real or Photoshopped? Sometimes fake news will embed deceptive, edited photos, like these examples of misleading pictures that went viral. 

If you want to know more, here you can find an article dedicated to how to spot fake news.

How to report and flag fake news

How do you report these deceptive websites and slow the spread of fake news? Here’s a step-by-step guide to report fake and misleading articles on various platforms.

Facebook

  1. Click on the “•••” button on the top right of the post.
  2. Select “Hide post.” The post will vanish from your screen and be replaced with a brief message. This is where you can choose to “Report post.”
  3. Finally, hit “Mark this post as false news.”

Twitter

To report a single tweet:
  1. Find the tweet you wish to report.
  2. Click on the “V” icon in the top right corner of the tweet.
  3. Select Report from the drop-down menu.
  4. Choose an option that best describes the issue you have with the tweet.
  5. Then, provide more info about the tweet and why you think it needs to be removed.
To report an account:
  1. Go to the account you wish to report.
  2. Click on the gear icon (web and iOS) or three dots icon (Android).
  3. Select Report from the drop-down menu.
  4. Choose an option that best describes the issue you have with the account.
  5. Provide more information on the reason for reporting the account.

Instagram

  1. Head over to the Instagram post you wish to report.
  2. Click on the three dots icon at the top-right of the post and click Report.

Google

  1. Take a screenshot of the site or article and save it.
  2. On the Google search results page, scroll to the bottom of the screen and click Send Feedback.
  3. In the dialogue box, upload the screenshot and describe why the site/article needs to be removed.
  4. Click Send and let the Google team do the rest.

What is phishing?

Now you know how to spot, report, and hopefully stop the spread of fake news!

But do you know how to prevent getting fooled by the new phishing scams that prey on coronavirus panic?

The key to protecting yourself against phishing emails is to be on guard. According to the Federal Trade Commission, the most common phishing messages may say they’ve noticed suspicious activity or log-in attempts; claim there’s a problem with your payment information; want you to click on a link to make a payment; or say you’re eligible to register for a government refund.

But the trouble with COVID-19-related phishing emails is that they often look legitimate and prey on your health worries.

Some of these fake phishing scams ask for charity donations for studies, doctors, or victims that have been affected by coronavirus. (Note that if you do want to donate to a charity of your choice, always type the charity’s URL yourself into your web browser, never access it from an email link!)

Do you want to know more about how to detect phishing emails? Here you can find an article about 5 ways to spot a phishing email.

We would also like to recommend you to review your passwords and create more secure ones. If you need some advice here you will find 5 tips for creating a secure password.

Don’t get fooled

There are a few types of fake coronavirus emails in circulation that impersonate healthcare and government organizations. These emails appear legitimate but actually contain malicious phishing links or dangerous attachments.

Some phishing scams pretend to be from the World Health Organization, offering “new” information about the virus in exchange for clicking on a malicious link or asking for a user’s login credentials. In one example, a scam email asks users to click a link in order for them to see the WHO’s “safety measures” about COVID-19.

In another WHO-related phishing example, cybercriminals asked for a user’s email details. According to security researchers at Sophos, “the crooks were hoping that because their website looked exactly like the real thing – in fact, it contained the real website, running in a background browser frame with the illicit popup on top – you might just put in your email details out of habit.”

Yet another threat comes from emails claiming to have an “updated” real-time map of coronavirus outbreaks in your area, with the goal being to get you to click on their malicious link. While Johns Hopkins researchers are maintaining a legitimate, real map on their website, the fake health map circulating via phishing emails is NOT real.

At first glance it seems convincing: like the real map, it includes a tally of confirmed cases and total deaths and cites Johns Hopkins University’s Center for Systems Science and Engineering as its data source.

But this fake map contains malware that can:

        • steal credentials, payment card numbers, cookies, and sensitive browser-based data
        • seek out cryptocurrency wallets
        • take unauthorized screenshots
        • save a victim’s public IP address
        • gather information, including the OS system, architecture, hostname, and username

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has issued guidance warning citizens to use caution in handling “any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.”

In any case, for all your web activities is always highly recommended the use of a Virtual Private Network to protect your data and your privacy.

In these trying times, we must not only protect our own physical health but also take extra steps to protect our online security too. Use caution and be aware, Ghosties!

Leave a comment

The news is, unfortunately, turning to be fake.

Reply

Unfortunately, media can be biased and enable fake news, Chris. That’s why it’s important to check the facts and follow reputable sources.

This is real

Reply

Someone hacked my ig acount

Reply

We’re sorry to hear that happened to you. 😔 Make sure to change your password. We’d also recommend adding two-factor authentication. Stay safe!

Write a comment

Your email address will not be published. Required fields are marked*