Beware of COVID-19 phishing emails

Cyber criminals are making the most of the COVID-19 pandemic by creating phishing schemes and fake websites that mimic legitimate sources of information about the virus. These malicious emails and websites can download malware (malicious software) to your computer, and trick you into revealing your personal details.

Here are two of the main schemes currently in operation, but there are many others and more are likely to arise as the situation continues.

Phishing email WHO

World Health Organization phishing email

The World Health Organization (WHO) is a trusted source of information about the COVID-19 virus but cyber criminals have created a phishing email to steal user details and download malicious software. It is particularly difficult to identify as it utilises the real World Health Organization website to fool users into sharing their details.

Here’s how it works:

  1. Users receive an email appearing to be from a World Health Organization with updates on the virus.
  2. They are asked to download an attachment to view the information.
  3. Users are then asked to click a ‘Safety Measures’ button that takes them to a website controlled by the cyber criminals.
  4. The website shows the World Health Organization website in a preview and asks users to confirm their email via a pop up.
  5. These details are passed on to the hackers and the user is transferred to the official World Health Organization website. A piece of malware is also downloaded to the user’s computer.

Report Email buttonThis is just one example of a phishing email from a health organisation but there are many others.

What can you do?

To protect yourself against schemes like this:

  • question any email that asks you to verify your details
  • refuse to click on links in unsolicited emails or download attachments
  • check the full email address of the sender
  • report emails to the Cyber Security team through the Symantec button in Outlook.

John Hopkins University Mirror Website

The John Hopkins University Coronavirus map is a legitimate source of information on virus-spread throughout the world.

Cyber criminals are using information from this website to prompt users to download a piece of software to generate the map. As the map does not require any software to be downloaded, this is a prompt to download a piece of malware.

What can you do?

  • To remain safe, never download software to your computer unless you are completely sure of its origins.
  • You can also keep yourself safe by making sure your information comes from official domains such as,, and 

You can stay up-to-date on this and other Cyber Security news by joining the Cyber Security Workplace group and the Cyber Security SharePoint where our cyber-experts post frequently about industry news and advice.


The following slideshow controls change the content above and below. Information is displayed below the controls while video content plays above the video controls.

Service Central

Visit Service Central to access Corporate Services.

Other service contacts

Learning and Teaching
Request Something

Make a request for services provided by Corporate Services.

Request something
Knowledge base

Find answers to frequently asked questions 24/7.

See Knowledge Base