University of Wisconsin–Madison
Phishing hooks with @ symbols.

Beware of COVID-19 phishing attempts and websites

It didn’t take long for cybercriminals to take advantage of the coronavirus panic. Research shows an uptick of registering large numbers of websites related to the COVID-19 virus and scam emails. Here are some tips to help avoid getting duped:

  • Do not open emails that appear to come from a UW–Madison entity but do NOT end in .wisc.edu
  • Verify that the name of the email sender matches the “from” field. For example: UW–Madison DoIT matches the sender <doit@lists.wisc.edu>
  • Get more tips: Learn how to recognize and report phishing 
  • Before clicking on any website, take time to look at its domain (especially the spelling and use of the “dot”). Here are some examples of potentially dangerous domains:
    • CDC-Covid19@cdc[.]gov
    • Coronavirusstatus[.]space
    • Coronavirus-map[.]com
    • Blogcoronacl.canalcero[.]digital
    • Coronavirus[.]zone
    • Coronavirus-realtime[.]com
    • Coronavirus[.]app
    • Bgvfr.coronavirusaware[.]xyz
    • Coronavirusaware[.]xyz
    • Corona-virus[.]healthcare
    • Survivecoronavirus[.]org
    • Vaccine-coronavirus[.]com
    • Coronavirus[.]cc
    • Coronavirusupdate[.]tk

Avoid accessing or downloading any Coronavirus Maps if you are not sure of their legitimacy. They can plant malware on your computer which can steal your credentials (such as user names, passwords, credit card numbers and other sensitive information). According to this Forbes (March 11, 2020) article, Warning: You Must Not Download This Dangerous Coronavirus Map:

“This particular .exe file appears to come from Johns Hopkins, and mimics a real map. It’s difficult to tell—but if you search for the legitimate site you will find the real information available there.” 

The best advice is to not jump on the coronavirus panic, slow down and examine your emails or websites before opening them. It’s something we should all be doing every day.