Email Security Blog

Beware of Coronavirus Phishing Scams

There is a new phishing threat and it’s spreading, like the virus it is leveraging. 

Amid all of the turmoil over the Coronavirus (COVID-19), email hackers are giving us one more thing to worry about.  As companies worldwide are planning for the worst-case scenarios so that they might continue working in the face of a global health threat, a new type of phishing scam has been uncovered that is leaving companies vulnerable.

What is the New Coronavirus Phishing Threat?

In short, phishing emails that may appear to come from a company official are being sent to employees on the topic of the Coronavirus (COVID-10).  The emails may include information of how to protect yourself and others from the virus, as well as plans the company is making in the event that employees must work from home.  Some may even quote the Center for Disease Control (CDC) to make their phishing threat seem more credible.

Coronavirus Phishing Example

One of malicious emails INKY’s Phish Fence caught includes an announcement to employees, along with a link that appears to be legitimate.  Once you click on the link you are taken to a phishing website that appears to be owned by Microsoft, when actually it was set up by hackers.  The cybercriminals behind this scheme are asking your Microsoft login credentials.  Once the hacker has the login credentials they are looking for, they can compromise your email, customer data, confidential company information, and more.  Here is an example of what a Coronavirus phishing email, and the corresponding log-in request might look like:

What Should We Do To Prevent Coronavirus Phishing Attacks?

To fight phishing attacks, awareness is key. The quickest course of action would be to share this blog post with employees to make them aware of the potential cyberthreat. Remember, however, “To err is human, but INKY’s divine”. What do we mean by that? Well, phishing threats are successful because of human error. No matter how many times we might tell employees to be careful, under the right circumstances, even the most vigilant employee could mistakenly fall for a phishing scam. One wrong click can cost your company thousands in lost revenue, clients, and productivity. 

The best line of defense is using a phishing software that acts as an email security solution. INKY uses computer vision and machine learning to take the ownership away from employees. That’s because INKY can see things the human eye cannot. INKY only requires a one millisecond or less to evaluate all incoming email messages and add a banner to the ones that could be harmful. It also integrates seamlessly with any email configuration that your company uses and can usually be configured and deployed in less than 90 minutes.

The Coronavirus (COVID-19) is spreading quickly, and so are the phishing scams that prey on people’s fear about the disease.  Now is the right time to protect your company against these and other phishing threats, with INKY.


INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.