Hackers and cyber scammers are taking advantage of the coronavirus disease (COVID-19) pandemic by sending fraudulent email and WhatsApp messages that attempt to trick you into clicking on malicious links or opening attachments.

These actions can reveal your user name and password, which can be used to steal money or sensitive information.

If you are contacted by a person or organization that appears to be WHO, verify their authenticity before responding.

The World Health Organization will:

never ask for your username or password to access safety informationnever email attachments you didn t ask fornever charge money to apply for a job, register for a conference, or reserve a hotelnever conduct lotteries or offer prizes, grants, certificates or funding through email.

Be on alert when you receive an email with any link or attachments containing any reference to WHO. It might be a cyberattack.

The only call for donations WHO has issued is the COVID-19 Solidarity Response Fund, which is linked to below.  Any other appeal for funding or donations that appears to be from WHO is a scam. 

COVID-19 Solidarity Response Fund

Let’s flatten the infodemic curve We are all being exposed to a huge amount of COVID-19 information on a daily basis, and not all of it is reliable. Here are some tips for telling the difference and stopping the spread of misinformation.

WHO is aware of suspicious email messages attempting to take advantage of the COVID-19 emergency. This fraudulent action is called phishing.

These Phishing emails appear to be from WHO, and will ask you to:
give sensitive information, such as usernames or passwordsclick a malicious linkopen a malicious attachment.

Using this method, criminals can install malware or steal sensitive information.

How to prevent phishing:Check their email address

Make sure the sender has an email address such as person@who.int  

If there is anything other than who.int after the @ symbol, this sender is not from WHO.  For example, WHO does not send email from addresses ending in @who.com , @who.org or @who-safety.org  

Beware, however, that even an email address with the correct domain name may not be from WHO.  Criminals can forge the "From" address on email messages to make them appear to be from @who.int . Please follow the steps from 2 to 6 below to prevent phishing.

WHO has implemented a new email security control called Domain-based Message Authentication, Reporting, and Conformance (DMARC) to significantly diminish this type of impersonation.

Check the link before you click

Make sure the link starts with https://www.who.int .  Better still, navigate to the WHO website directly, by typing https://www.who.int into your browser. 

Be careful when providing personal information

Always consider why someone wants your information and if it is appropriate. There is no reason someone would need your username password to access public information.

Do not rush or feel under pressure

Cybercriminals use emergencies such as the coronavirus disease (COVID-19) pandemic to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.

If you gave sensitive information, don t panic

If you believe you have given data such as your username or passwords to cybercriminals, immediately change your credentials on each site where you have used them.

If you see a scam, report it