Coronavirus (COVID-19) scams to watch out for

16 April 2020

With the spotlight firmly on the coronavirus (COVID-19), scammers are looking to capitalise on the increased media attention and public concerns to catch people unaware. 

Since first reports of the outbreak, Heritage has seen a rapid increase in the amount of cybercrime using COVID-19 as a means to target individuals and businesses. This includes using COVID-19 related materials on health updates, fake cures, financial packages, emergency benefits and supply shortages as a cover to trick users into clicking on malicious links or sharing their personal information. 

Known scams and tactics: 

  • COVID-19-themed phishing emails asking recipients to click on attachments that unknowingly run malicious code, or trigger the download of malware.
  • Phishing emails claiming to come from the World Health Organisation, government authorities, and legitimate businesses (including travel agents and telecommunications companies) asking recipients to click on links or request personal information.
  • Fake customer advisories, asking people to download software or to sign up using personal details in order to receive service disruption notifications, which then leads to malicious software or code being ran.
  • Fake tax rebate phishing campaigns, encouraging people to browse to unknowingly malicious websites which collect financial and personal information from unsuspecting users.
  • Mobile Apps relating to the outbreak which in return contain mobile malware, seeking to steal personal information or perform other fraudulent activities.
  • Text messages containing links to malicious phishing websites or requesting you to download an App.

What to look out for:

  • Poor grammar, punctuation and spelling.
  • Design and quality of the email isn’t what you would expect.
  • Not addressed to you by name but uses greetings such as “Dear colleague,” “Dear friend” or “Dear customer”.
  • The sender’s language contains emotion, authority and urgency? Potentially a warning threat or that an action will be taken if you don’t immediately do what they are asking.
  • Directly trying to solicit personal or financial information.
  • Are current news stories or economic events being mentioned?

When in doubt, do not click on any links contained within an email, text message or a website advert.

Beware of requests for sensitive data such as your PIN, password, or personal details.

Make sure to get your updates from reputable sources such as the Australia Government Department of Health and the World Health Organisation .

Monitor Government cyber security websites like Stay Smart Online and Scamwatch to keep up to date with current scams.

As always, if you have concerns about the security of your Heritage account, please contact us immediately on 13 14 22. 

More online security tips from Heritage are available here.