Hackers and cyber scammers are taking advantage of the
coronavirus disease (COVID-19) pandemic by sending fraudulent email and
WhatsApp messages that attempt to trick you into clicking on malicious links or
opening attachments.
These actions can reveal your user name and password, which
can be used to steal money or sensitive information.
If you are contacted by a person or organization that
appears to be WHO, verify their authenticity before responding.
The World Health Organization will:
- never ask
for your username or password to access safety information
- never email
attachments you didn’t ask for
- never ask
you to visit a link outside of www.who.int
- never charge
money to apply for a job, register for a conference, or reserve a hotel
- never conduct
lotteries or offer prizes, grants, certificates or funding through email.
The only call for donations WHO has issued is the COVID-19
Solidarity Response Fund, which is linked to below. Any other appeal for
funding or donations that appears to be from WHO is a scam.
READ MORE
Busia leaders urge governor to save local sugar factories from closure
168 pros entered for Nakuru Darts Festival
Cases of extremism and terror attacks on the decline
Police probe death of Masinde Muliro lecturer found in river
Beware that criminals use email, websites, phone calls, text
messages, and even fax messages for their scams.
Phishing: malicious emails and messages appearing to be
from WHO
WHO is aware of suspicious email messages attempting to take
advantage of the COVID-19 emergency. This fraudulent action is called phishing.
These “Phishing” emails appear to be from WHO, and will ask
you to:
- give
sensitive information, such as usernames or passwords
- click
a malicious link
- open a malicious attachment.
Using this method, criminals can install malware or steal
sensitive information.
How to prevent phishing:
- Check
their email address.
Make sure the sender has an email address such as ‘person@who.int’
If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from WHO.
For example, WHO does not send email from addresses ending in ‘@who.com’ , ‘@who.org’ or ‘@who-safety.org’. - Check
the link before you click.
Make sure the link starts with ‘https://www.who.int’. Better still, navigate to the WHO website directly, by typing ‘https://www.who.int’ into your browser. - Be
careful when providing personal information.
Always consider why someone wants your information and if it is appropriate. There is no reason someone would need your username & password to access public information. - Do
not rush or feel under pressure.
Cybercriminals use emergencies such as the coronavirus disease (COVID-19) pandemic to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate. - If
you gave sensitive information, don’t panic.
If you believe you have given data such as your username or passwords to cybercriminals, immediately change your credentials on each site where you have used them.