The situation generated by COVID-19 has led to global insecurity and has prompted several cyber-attacks such as phishing. Phishing is used to trick you into revealing personal information, such as passwords, social security data or bank account details. Additionally, if a phishing attack results in a personal data breach, this could trigger the obligation for the organisation to notify the data protection authority of the breach.

A few days ago, during the health crisis caused by COVID-19, a ransomware called NetWalker, which infects users via coronavirus-themed phishing, was announced. This ransomware can bring down the entire computer systems of hospitals and health organisations.

The main purpose of this particular phishing activity is to impersonate legitimate organisations, such as the Ministry of Health or international organisations, using relevant information about COVID-19 and pretending to provide help and advice.

How does it work?

You will be contacted through instant messaging services such as WhatsApp, fraudulent emails or other means, such as being directed to a fake website, and you will be asked to urgently open a file or follow an internet link to get the information.

What happens if you click on the link and download an attachment?

The attachment will be malware that allows cyber criminals to take control of your device and access your information and personal data. Internet links included in these messages can also take you to websites that impersonate other organisations to steal your service access credentials or other personal information, such as your social security number, bank details for payment of a coronavirus test, etc.

What are the tips you should follow?

The Spanish Data Protection Authority has published some practical recommendations that all of us should follow.

  • Keep yourself informed through official and reliable sources, going directly to the websites of the institutions or media, never through a link provided in a message or an email.
  • Verify the email address that sent the message and the web link that the message sends you to. Sometimes it is obvious that the web address is not legitimate, but other times cyber criminals are able to create links that look very much like legitimate addresses.
  • Beware of requests for personal information from websites that you have reached by following a link contained in an email or message. It's better to go directly to that organisation's website.
  • Pay close attention to the content of the message. Be suspicious of messages with spelling mistakes, grammatical errors and generic greetings, such as "Dear patient", that include no information about you.
  • Be much more suspicious if the content of the message also urges you to take any kind of action as soon as possible, with unjustified urgency.
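
For organisations, the tip about verifying the sender address and the web link can be automated in a mail filter or help-desk triage script. The following is an added example, not part of the original recommendations; the allow-list domains and function names are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed allow-list for the example; placeholder names, not real domains.
OFFICIAL_DOMAINS = ("health-ministry.example", "who-info.example")

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(address):
    """Host part of a URL, or the domain of an email address, lower-cased."""
    if "://" in address:
        host = urlsplit(address).hostname or ""  # ignores any user@ prefix
    else:
        host = address.rsplit("@", 1)[-1].strip("<> ")
    return host.lower().rstrip(".")

def classify(address):
    """Return (verdict, reason) for a sender address or a link."""
    host = host_of(address)
    if not host:
        return ("suspicious", "no host could be parsed")
    for official in OFFICIAL_DOMAINS:
        if host == official or host.endswith("." + official):
            return ("official", official)
    if any(label.startswith("xn--") for label in host.split(".")):
        return ("suspicious", "punycode label can render as look-alike characters")
    for official in OFFICIAL_DOMAINS:
        if official in host:
            return ("suspicious", f"embeds {official} inside another domain")
        if edit_distance(host, official) <= 2:
            return ("suspicious", f"within 2 edits of {official}")
    return ("unknown", "not on the allow-list; go to the official site directly")
```

An "unknown" verdict is not a clean bill of health: it only means the host is neither official nor an obvious imitation, so the advice to reach the institution's website directly still applies.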

For detailed information about how your organisation can implement effective cybersecurity measures, see our Cybersecurity Toolkit.