Cyber criminals are still attempting to exploit the coronavirus pandemic for their own gain and they’re being helped by website templates that allow them to mimic government agencies and companies.

Researchers at cybersecurity company Proofpoint have identified over 300 phishing campaigns designed to steal personal information and bank details from victims and these are designed  to look like the real thing

Bodies from the World Health Organization, the US Centers for Disease Control, the IRS, the UK’s HMRC and even local councils across London are being mimicked in ready-to-use campaigns.

And while the attacks have proved successful, not all of these bogus sites are perfect: for example, one of the HMRC phishing websites has a completely different user interface to the real thing.

Thei main objest is to steal login credentials, bank information and other personal data from users.

“These are made by a variety of threat actors who are large and small,” said DeGrippo.

It’s expected that campaigns related to COVID-19 will continue for as long as the outbreak itself does.


The UK’s National Cyber Security Centre (NCSC) has taken a number of fraudulent websites down after tip-offs following the launch of the suspicious email-reporting service.

Installing a paid version of Malwarebytes and avoiding links and attachments is emails is important in combating the bad guys… also try and go directly to the website instead of doing a search or clicking a link or attachment.