17.03.2020 Don’t click: Coronavirus phishing scams on the rise

by Andrew Milne

Use Covalence and follow these tips to stay secure


As the coronavirus continues to make its impact across the world, it can be challenging to stay cool-headed.

Health and safety have never been more critical. At the same time, cyber criminals are finding new ways to exploit COVID-19 fears and take advantage of anxious workforces.

At Field Effect, safety and security are central to our culture and mission. Our team is committed to ensuring our employees, customers, channel partners, and business associates remain safe and secure. And yes, with a bit more peace of mind.

So, let’s take a look at factors driving new cyber crime in the COVID-19 events, the tactics emerging, and tips for avoiding these scams.

More remote workers, connections, and devices

More businesses and organizations are enabling employees to work remotely to avoid spreading the virus. While this enables business to continue, it also presents new security challenges.

For example, companies may be in various stages of enabling flexible work. While small businesses that rely on distributed, virtual teams to move their operations forward may have secure remote access capabilities (e.g. hardened VPN access) and firewalls already in place — others may simply not have the tools or security measures ready to support virtual work on a wider scale.

Yet, enabling safe remote access requires proper security controls. This requires IT teams and service providers to diligently monitor remote access system behaviors, communicate best practices, and apply fundamental security measures — threat monitoring and detection, advanced and updated endpoint and network protection, password policies, VPNs, and DNS firewalls, to ensure connections to the network and web browsing from remote workers stay private and secure.

As a reminder, our Covalence threat monitoring and detection platform can detect Remote Desktop Protocol (RDP) activity from external sources into user networks. Covalence will also generate alerts when network connections from common Remote Administration Tools (RATs) happen, and detect when anomalous logins occur on cloud-based solutions (e.g. G Suite, Office 365).

Health advice or dangerous malware?

New COVID-19 email and web scams are also playing on uncertainty and fears. Attackers are disguising emails as health and safety updates from authorities, or even more dangerous, urgent alerts with mandated actions and requests — claiming to be organization representatives and asking the victim to click a link, open an attachment, or provide sensitive information such as usernames or passwords.

Attackers are also serving up fake COVID-19 websites — one was disguised as a coronavirus map of worldwide infections. Once you click on the site, you’re directed to open an applet that infects your device with AZORult malware, a credential and data-stealing malware.

Here are just two examples:

  • Phishing scams positioned from the World Health Organization, pretending to offer coronavirus information, encouraging recipients to view an attached file — don’t click, this distributes GuLoader malware that installs an information-stealing trojan (FormBook).
  • Phishing emails sent to Italian email addresses, offering an attached word document with advice on preventing infection. However, the document contains a Visual Basic script that downloads and executes a variant of the Trickbot banking trojan.

Don’t click, follow these tips

Learning to recognize signs of phishing can be tricky. Urgent requests for action or information, typos and misspelled emails, unfamiliar email addresses, are all signs. Stay calm and when in doubt, don’t click! Additionally, avoid downloading and installing any software/apps specifically related to coronavirus (or any current news cycle topic).

The Cybersecurity and Infrastructure Security Agency (CISA), the risk advisor in the U.S., just issued a warning about the coronavirus email scams.

Here are tips from CISA with precautions to take:

At Field Effect, we offer customized phishing exercises, as well as cyber range training, to keep teams skilled at recognizing the tricks. Through our Suspicious Email Analysis service, we also provide expert-level analysis of email content metadata, and attachments, all with actionable steps to take.

When in doubt, never click. Always report anything suspicious to your IT team, IT service provider, or our team here at Field Effect.

Remember to stay calm

While calm may not always be the order of the day, our Field Effect team is available to answer any security questions and provide support. Reach out to us at hello@fieldeffect.com.

You can stay informed on the latest COVID-19 developments by visiting the websites below:

Stay healthy, safe, and secure!


Request Demo

Fill out the form and we will send you details about our demo.

  • Get Covalence Cloud Now

    Protect your company today

  • Let us know what Cloud Services you have
  • By clicking the button below, you agree to the Field Effect terms and conditions

  • This field is for validation purposes and should be left unchanged.
  • Sign up

    Get your free 30-min assessment with a cyber security pro to help you understand your security needs

  • This field is for validation purposes and should be left unchanged.
  • Sign up

    Get your free 30-min assessment with a cyber security pro to help you understand your security needs

  • This field is for validation purposes and should be left unchanged.

Send Us A Message

Fill out the form and we will get back to you!


Think you are ready?

We are always on the look-out for amazing people. Think you are one of them? Complete the form here!

  • Accepted file types: pdf, jpg, png, doc, docx.


Field Effect’s experience has taught us that every organization is different – different workflows, different personnel and different threats.


We believe in modularity, simplicity and effectiveness. Our expert developers have lived the challenges you want solved. Build and operate more secure and resilient networks with Field Effect Software.


We are proven leaders in the development of network application solutions, low level systems development, and cyber security analytics.


Partner with Field Effect and gain the cyber security solutions, services, and support to secure your customer’s operations, drive client success, and realize profits.


We’re always looking for highly-skilled security and engineering professionals to join our team…


Field Effect Software helps strengthen the IT security operations of organizations large and small. We understand that different organizations face different challenges, and we’re incomparably qualified to match the perfect solution to your unique challenges. Drop us a line, we’d love to help.

COVID-19 – A message from our Chief Operating Officer