Arrow back

Three Coronavirus Scams You Need to Watch Out For

25 March, 2020

The global outbreak of COVID-19 (Coronavirus) is having an unprecedented impact on people’s day-to-day lives, causing wide-spread panic, closures and financial uncertainty. To make matters worse, cybercriminals are now capitalising on the situation by exploiting the population’s fears with coronavirus-themed phishing attacks.

These attacks aim to trick potential victims out of their login details and financial information by posing as affiliated organisations, such as the World Health Organisation (WHO) and the Government.

Cybercriminals have not only been targeting individuals, either. Organisations in the aerospace, transport, manufacturing, hospitality, healthcare and insurance industries have also reported phishing emails of this nature landing in their inbox.

This blog will highlight a few of the emails that have been circulated regarding Coronavirus, share the indicators to look out for that would identify an email as a phishing attack, and offer top tips on how to stay safe when receiving emails. Let’s get started.

Scam 1: GOV UK

GOV UK coronavirus scam

This phishing attempt appears to be from GOV.UK and uses their official logo within the email. It aims to convince individuals that they will be receiving a tax refund due to the Coronavirus outbreak. However, if the ‘Access your funds now’ link is clicked, users are redirected to a fake government webpage, which encourages them to input their financial and tax information.

How to spot this attempt:

  • This is not how HMRC would inform you of a potential tax refund. If in doubt, call the real HMRC number and ask them to confirm.
  • The best way to see where a link will take you is to hover your mouse over it to reveal the true web address. If it doesn’t look legitimate, don't click.

Scam 2: World Health Organisation

WHO Coronavrius Scam

Hackers are circulating emails that appear to come from the World Health Organisation (WHO) that contain an attachment which infects computers with malicious software called AgentTesla Keylogger. This malware records keystrokes so that hackers can monitor every move you make online.

The WHO is aware that their brand is being used by hackers and have stated that any email that does not come from ’’, e.g. ‘’, ‘’ or ‘’, is not from them.

How to spot this attempt:

  • To avoid this scam, be wary of emails claiming to be from WHO, as they are most likely fake. Instead, visit their official website, which provides advice on how they communicate.

Scam 3: Centres for Disease Control and Prevention

Centre for Disease Control Coronavirus Scam

This phishing attempt is even harder to spot as it appears to come from the Centres for Disease Control and Prevention’s (CDC) real email address. However, this has been sent through a spoofing tool.

The link attached in this email directs the user to a fake Microsoft login page, which encourages them to enter their email and password. Once this has been done, the user is directed to the real CDC advice page to make it appear even more authentic, but hackers will then have access to their email account.

How to spot this attempt:

  • Again, always hover your cursor over the link to reveal its real web address and whenever in doubt, do not click.

Top Tips


  1. Check the sender address. If the email claims to be from a company or someone you know, but the sender email address doesn’t quite match up, then something’s probably not right.
  2. Enable two-factor authentication on all accounts possible to prevent unauthorised access. This means that you will have to enter a code, texted or otherwise provided to you, to access your email account, reducing the likelihood of hackers being able to access your accounts, even with your login credentials.
  3. Install antivirus software on your devices and turn on auto-updates.


  1. Respond to any electronic communication in relation to your finances via email.
  2. Disclose login credentials or financial information over email.
  3. Open attachments as they may contain malware.

The best defence against scammers in the time of Coronavirus though? A workforce that knows how to protect their - and your! - data whilst working from home.

Our award-winning cyber security awareness courses are designed to support a wide range of devices and can be completed at any time.

Join us on a web demonstration and discover how we can help make secure behaviour part of your organisational culture.

Back to resources

Ready to build your cybersecurity culture?

Whether you’re looking for complete culture change, phishing simulations or compliance training, we have solutions that are tailor-made to fit for your organisation.

Girl with laptop
Boy with laptop
man and woman with laptops
Global Cyber Alliance