WHO warns of scams related to Covid funding

Criminals are using email, websites, phone calls, text messages and even fax messages for their scams

Hyderabad: The World Health Organisation (WHO) has warned against hackers and cyber scammers who pretend to be from WHO and seek donations for Covid-19 solidarity response fund or take advantage of Covid-19 pandemic by sending fraudulent email and WhatsApp messages that attempt to trick individuals into clicking on malicious links or opening attachments.

In the recent past, according to WHO, there have been some cases reported of people fraudulently presenting themselves as WHO or Covid-19 solidarity response fund and sending invoices requesting payment on behalf of the fund.

In case, the individuals or recipients respond, such actions can reveal their user name and password and used to steal money or sensitive information. The WHO has urged people that if individuals are contacted by persons or organisations that appear to be from WHO their authenticity should be verified before responding.

“The WHO does not ask for usernames or passwords to access safety information and does not send email attachments or charge money to apply for job register for conference or reserve a hotel,” the WHO alert on cybersecurity said.

Criminals are using email, websites, phone calls, text messages and even fax messages for their scams. The WHO is aware of suspicious email messages attempting to take advantage of the Covid-19 emergency.

The phishing emails appear to be from WHO and ask the recipients to share sensitive information such as usernames, passwords and urge them to click on a link to open an attachment.

“Using such methods, criminals can install malware or steal sensitive information. General public must make sure the sender has an email address such as ‘person@who.int’ and if there is anything other than that, the sender is not from WHO. For example, ‘@who.com’, ‘@who.org’ or ‘@who-safety.org’ are not WHO emails,” it said.

Even an email address with the correct domain name may not be from WHO. “Criminals can forge the “From” address on email messages to make them appear to be from ‘@who.int’, it said.

The WHO on its part has implemented a new email security control called Domain-based Message Authentication, Reporting and Conformance (DMARC) to significantly diminish such kind of impression.

The only call for donations WHO had issued recently was Covid-19 Solidarity Response Fund
(https://www.who.int/emergencies/diseases/novel-coronavirus-2019/donate) and any other appeal for funding donations that appears to be from WHO is a scam.

WHO advisory

* Check the link before you click
* Be careful when providing personal information
* Do not rush or feel under pressure because cybercriminals use emergencies such as Covid-19 to get people to make quick decisions
* If you gave sensitive information, don’t panic, report to authorities. Also, report to https://www.who.int/about/report_scam/en/

Also read: 

472 new Covid cases, two deaths in Telangana(Opens in a new browser tab)

---

Now you can get handpicked stories from Telangana Today on Telegram everyday. Click the link to subscribe.

Click to follow Telangana Today Facebook page and Twitter .

---