Skip to Main Content

Cybercriminals exploit corona virus suffering for financial gain

Like most of us, you’re probably worried about the coronavirus and your health. It’s tempting to open emails or click on links that appear to offer the latest developments, instructions to keep you safe, or even a cure, but…

Please be aware that cyber-criminals are using fear of the coronavirus to peddle their evil online wares, including malware, phishing emails, and trojans.

Coronavirus-themed attacks are intensifying

Cybercriminals love a crisis. As long as media coverage and public interest are in full swing, hackers will continue to exploit the opportunity. Initial attacks focused on the US and Japan, but quickly expanded to Europe and Australia. The malware used is becoming more diverse too, and now includes Emotet, the AZORult information stealer, the AgentTesla Keylogger and the NanoCore RATll. All of these can steal vital personal details, including financial information. Read on for the favorite mode of attack.

#Cybersecurity alert: Cybercriminals hijack #coronavirus fear to spread #malware.  Look out for #phishing emails—they’re not really from CDC or WHO!


Going phishing with the coronavirus

There’s a flurry of phishing emails from cybercriminals trying to hook victim’s data. Some emails promise a secret cure, while others bait their traps with conspiracy theories: Evil scientists create new virus!

A phishing email sent pretending to offer a cure

The most convincing emails abuse seemingly legitimate sources! These “official” updates appear to come from the Centers for Disease Control and Prevention in the US or the World Health Organization. See the examples below.















Beware! If you open the email pictured above, the attached documents download and install ransomware on your computer, encrypting both your local files and the files on any network you may be connected to.

In another version of the email, you’re urged to click on a link. You’ll need to look closely to spot the fraud: The e-mails come from, whereas the CDC’s real domain is

If you do click on the link, you’ll end up on what looks like the official Microsoft Outlook website and be required to log in with your email address and password. Your details will be passed straight into the waiting hands of criminals who can use them to access your email account to see that they can find…

WHO sent that exactly?

The World Health Organization has just issued an official alert that scammers have been impersonating them. The emails are well camouflaged with the WHO logo and the website looks genuine, because it (nearly) is: This phishing page loads the real WHO website in a frame in the background and displays a fake pop-up in the front. Nicely done. Don’t fall for it!

Safety is your hands

The best antivirus in the world can’t stop you making yourself vulnerable. You’re master and commander of your own security, so be vigilant, always:

  • Carefully check and verify the email address of the sender and download only apps and files from trusted sources.
  • Check file extensions. Malicious pdf, mp4, and docx files are currently the hot favorite for coronavirus-themed attacks.
  • Hover over a link without clicking on it, to see if the real address it leads to is different to the link description.

If you haven’t already, Avira recommends that you always:

Strengthen passwords: If you’re still writing them down, you need a password manager asap to keep all your online accounts safe.

Use VPN: Surf the web anonymously and securely by masking your IP address and encrypting your data.

Keep software updated: Outdated software has security gaps known to hackers. A software updater keeps systems current and secure.

For even greater peace of mind, use a complete, trusted solution like Avira Free Security.

Avira, a company with over 100 million customers and more than 500 employees, is a worldwide leading supplier of self-developed security solutions for professional and private use. With more than 25 years of experience, the company is a pioneer in its field.