COVID-19 Themed Phishing Attacks

By now, you should all be aware of the dangers that lurk on the internet, and Phishing Scammers are on that list. Phishing Scammers are growing increasingly sophisticated and opportunistic. They will try many things in an attempt to obtain sensitive information such as usernames, passwords and card payment details by posing as a trusted entity in an electronic communication. They are also very likely to strike at a time when businesses and end-users are at their most vulnerable.

COVID-19 is big business for Cyber Criminals

If the situation with COVID-19 wasn’t quite challenging enough for everyone, then throw in some on-topic Phishing scams for good measure. For Cyber Criminals, the evolving situation with COVID-19 creates a targeted opportunity to prey on end-users.

As of last month (March 2020), the City of London Police reported a 400% increase* in scams as a result of Coronavirus-related fraud. Currently, over 100 reports have been sent to Action Fraud (the UK’s fraud reporting centre) with total losses of around £1.6m.**

Some of the scams we have seen include faking ‘official’ messages from the Government, for example text messages telling people they have been fined £250 for leaving their home more than once a day during lockdown.

We have put together a shortlist of some of the current email and text phishing scams that are circulating the internet to help keep you one step ahead. Please be vigilant!

Fake lockdown fines

People have been warned not to fall victim to a suspicious text message saying they have been fined for stepping outside during the Coronavirus lockdown.

The scam message claims to be from the Government, telling the recipient that their movements have been monitored through their phone and they must pay a fine or face a more severe penalty.

HMRC goodwill payment

The Police are warning people of a fake message designed to steal your account details that claims:

‘As part of the NHS promise to battle the COVID-19 virus, HMRC has issued a payment of £258 as a goodwill payment’.

Free school meals

The Department for Education has advised about a phishing email designed to steal your bank details saying:

‘As schools will be closing, if you’re entitled to free school meals, please send your bank details and we’ll make sure you’re supported.’

WhatsApp request to forward your code

Another scam suggests hackers could be granted full access to your WhatsApp messages, photos and videos.

Someone who knows your phone number could request to register your WhatsApp on a different device, and when a verification code is sent to you, the hacker will then message you to try and trick you into forwarding this on to them. They could then target your contacts with requests for money.

WhatsApp Martinelli Hoax or “Dance of the Pope”

A weird WhatsApp hoax is also going around at the moment called the “Dance of the Pope” or Martinelli hoax. This can be recognised by its signature statement: “Please inform all contacts from your list not to open a video called the ‘Dance of the Pope’.”

It is a virus that formats your mobile. It is very dangerous so please be aware NOT to “Fwd this msg to as many as you can!” – as they suggest.

Cracking down on COVID-19 related Cyber Crime

The UK Police have issued fraud prevention advice against COVID-19 related scams and advise that many more criminals will capitalise on public fears over the pandemic as it spreads.

If you suspect a scam you can call Action Fraud straight away on 0300 123 2040. Remember, just because you know it’s a scam, doesn’t mean others do. After all, we’re all #inthistogether.

How to prevent falling victim to a Phishing scam

We have lots of good resources on our blog about how to spot a Phishing attack, why Phishing Simulation campaigns are so important and some Cyber Security ‘quick tips’ to help keep you secure online.

Here are a few quick tips to keep you one step ahead of Phishing scammers.

Check their email address

Make sure the sender has a non-suspicious email address such as ‘person@mfg-uk.com’.

If there is anything other than ‘mfg-uk.com’ after the ‘@’ symbol, this sender is likely not from MFG.

For example, MFG do not send email from addresses ending in ‘@mail-mfg-uk.com’ or ‘@mfg123.com’.

Check the link

Make sure the link starts with ‘https://’, and remember to always hover over the link to see its destination before clicking. More than likely, the URL will point somewhere completely different from the organisation the scammers are pretending to be.
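The two checks above (sender address and link destination) can be automated. The following is an added example, not MFG's own tooling. The function names and the sample message are constructed for illustration, and accepting subdomains of mfg-uk.com for links is an assumption. Because ‘https://’ alone says nothing about who owns a site, the link check compares the real destination host as well.

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "mfg-uk.com"  # the sender domain named in the article

SAMPLE_HTML = (  # constructed sample body; example.net is a reserved test domain
    '<a href="https://mfg-uk.com/help">Help</a>'
    '<a href="http://mfg-uk.com/login">Log in</a>'
    '<a href="https://mfg-uk.com.example.net/pay">https://mfg-uk.com/pay</a>'
)


def sender_is_trusted(from_header, trusted=TRUSTED_DOMAIN):
    """True only if the real address (not the display name) ends in @trusted."""
    _name, addr = parseaddr(from_header)
    local, sep, domain = addr.rpartition("@")
    # Exact match: 'mail-mfg-uk.com' and 'mfg123.com' are different domains.
    return bool(local and sep) and domain.lower().rstrip(".") == trusted


class _Hrefs(HTMLParser):
    """Collect the href of every <a>; the visible link text is ignored on
    purpose, because only the href decides where a click goes."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")


def suspicious_links(html_body, trusted=TRUSTED_DOMAIN):
    """Return (href, reason) for every link that fails the article's checks."""
    parser = _Hrefs()
    parser.feed(html_body)
    findings = []
    for href in parser.hrefs:
        url = urlsplit(href)
        host = (url.hostname or "").lower()
        if url.scheme != "https":
            findings.append((href, "not https"))
        elif host != trusted and not host.endswith("." + trusted):
            # Assumption: subdomains of the trusted domain are acceptable.
            findings.append((href, "off-domain host: " + host))
    return findings
```

The third sample link shows ‘https://mfg-uk.com/pay’ as its text but is reported with its real host, which is what hovering over it would reveal.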

If you HAVE to give out personal information

Always consider why someone wants your information and if it is appropriate. There is no reason someone would need your username & password to access public information. Don’t be afraid to challenge someone requesting your data either! It is yours after all.

Don’t be rushed or feel under pressure!

Cyber Criminals use emergencies such as the Coronavirus pandemic to get people to make decisions quickly. Always take time to think about a request asking for your personal information and whether the request is appropriate.

If you gave sensitive information out, don’t panic

If you believe you may have given data such as your username or passwords to Cyber Criminals, immediately change your credentials on each site where you have used them. Even better, use Multi-Factor Authentication (MFA) to protect your account from unrecognised logins.

Turn on MFA

Never trust passwords alone. Use MFA to offer multiple layers of protection over your online accounts.

With Multi-Factor Authentication for Office 365***, users are required to acknowledge a phone call, text message, or an app notification on their smartphone after correctly entering their password. Only after this second authentication factor has been satisfied can a user sign in.

If you see a scam, report it

If you see a scam, tell us about it. Well done for spotting a scam! But remember, just because you know it’s a scam, doesn’t mean your colleague does. Tell us, so we can tell them.

Sources

* FT.com
** The Guardian
*** Microsoft