Criminals are disguising themselves as health officials to steal money and sensitive information amid the coronavirus outbreak, the World Health Organisation (WHO) has said.
Cyber criminals are using a type of fraud called phishing to take advantage of fears caused by the virus, which has reached more than 90,000 confirmed cases worldwide.
The global health agency said anyone contacted by a person or organisation that appears to be from WHO should verify if they are authentic before responding.
WHO said it is aware of a number of suspicious email messages “attempting to take advantage” of the coronavirus outbreak.
Read more: UK ‘will see deaths from coronavirus’
The emails ask for sensitive information like usernames and passwords or ask recipients to click a malicious link or open a bad attachment.
“Using this method, criminals can install malware or steal sensitive information,” WHO said.
It recommends checking email addresses, which should be formatted as “email@example.com”. If anything other than “who.int” appears after the @, then the sender is not from WHO.
Examples of fake WHO emails include “@who.com”, “@who.org” or “@who-safety.org”.
Web links should start with “https://www.who.int” but the organisation recommends directly to the website by typing “https://www.who.int” into a browser.
Always question if it is appropriate to share personal information with someone and ask why they would need it, WHO says, and don’t rush or feel pressured if contacted by someone claiming to come from the organisation.
“Cybercriminals use emergencies such as (coronavirus) to get people to make decisions quickly,” WHO’s website states.
“Always take time to think about a request for your personal information, and whether the request is appropriate.”
Change credentials on sites where you may have given away usernames and passwords to cybercriminals and report scams you encounter, WHO says.
Visit the website to view the tips.