Watch out for Coronavirus Scammers

Phishing News 2

Due to the current Coronavirus pandemic, email scammers are using this as an opportunity to disseminate emails with malicious links to websites or PDFs.  The emails seek to provoke a sense of fear and urgency in victims to respond to the email.

The email may contain text such as “go through the attached document on document on safety measures regarding the spread of the Coronavirus” and "This little measure can save you.” They are usually sent signed by a doctor or virologist.

Please be vigilant and don't open any email attachments or click on any links in the email. 

Please follow the guidance on identifying a phishing email below and send any emails which you think look suspicious to our IT Security Team at Phishing@southwales.ac.uk

Updates on will be posted Unilife.  If you receive an email about the Coronavirus with the yellow banner on it this from an external source and may well be untrustworthy. 


You may find that there will be variation of the same scam email which attempt to steal login details, distribute spyware or collect personal information from victims. Attackers may try to overtake legitimate email accounts to target staff or students, as if an email comes from a known source you are more likely to open it. 

Further information about Coronavirus phishing can be found on the BBC website: https://www.bbc.co.uk/news/technology-51838468 and from ProofPoint: https://www.proofpoint.com/us/corporate-blog/post/attackers-expand-coronavirus-themed-attacks-and-prey-conspiracy-theories

Phishing is the term generally used for e-mails that try to persuade people into giving up sensitive information, primarily passwords.

Phishing e-mails normally pretend to be from a trusted source using one or more of the following tricks:

  • Faking the sender’s e-mail address
  • Copying images and styles from genuine e-mails
  • Using urgent or ‘panic’ inducing messages

Phishing e-mails used to be easy to identify because they had spelling mistakes or grammatical errors, however, they are becoming increasingly sophisticated.

Phishing e-mails will almost certainly include an attachment or link that you are encouraged to access. An emerging strategy is to create a copy of the Office 365 login so that an attacker can capture the username and password of unwary users.

Report a suspicious email by forwarding the email to phishing@southwales.ac.uk ​​​​​​​


Examples of Covid Phishing emails

Example 1:

Singapore specialist 2

In the example above, there are two things to look out for.

Firstly, the email subject says that it is from a ‘Singapore Specialist’. This is not reliable as there is no way to verify that this is true and any official advice will come from USW.​​​​​​​

Secondly, the link in the email should not be trusted as it could lead to malware infecting your device. You can hover over the link with your cursor to see what site it is linking you to, which in this case, will be an untrustworthy site.


Example 2:

CDC Health

The main focus of this email is to convince you to ‘donate’ to their Bitcoin account. The CDC are not asking for donations in Bitcoin. Alos note the poor grammar throughout the email. This is another sign that the source is not trustworthy.

This email also uses language to create a sense of urgency within the reader. This is a type of manipulation that falls within the term ‘Social Engineering’. Make sure not to fall for this.

Finally, the link near the top of the email should not be trusted, given that the points listed above should make you question the legitimacy of the email.


Example 3:

​​​​​Gov UK Notify

This email attempts to use persuasive, officail sounding terminology to convince you that it is legitimate. A similar email may even include a gov.uk banner, making it appear even more convincing. This however, is also a phishing attempt.

HMRC aren’t paying out tax rebates because of Covid-19 and any tax rebates that they would send out, would not be in this form. The links they have provided may ask you to enter your bank details to complete the transfer, or install malware on your device.

Financial enticement is one of the most effective ways of manipulation, which is why phishing campaigns use this tactic frequently. Just remember, if it seems too good to be true, then it most likely is!


Tips to help you identify phishing:​​​​​​​

  • Always check the sender. You you don’t recognise them, don’t trust them.
  • Never open any email attachments if you aren’t sure of the email’s origin.
  • Never open any links in the email if you aren’t sure of it’s origin.
  • If you do click a link, never input any of your details in to the page.
  • Be mindful of the language/grammar within the email. This can often be an indicator as to its authenicity.

#Coronavirus_Update #unilife