Emergencies, such as the current COVID-19 pandemic, offer golden opportunities for hackers and con artists to launch fraudulent campaigns to make a profit from playing on people’s fears or evoking feelings of compassion. They are setting up fraudulent web sites offering “cures”, or creating sites pointing people to an online map that purports to track COVID-19 cases, but actually pilfers usernames, passwords and credit card numbers stored in a user's browser, and even impersonating the World Health Organization (WHO) to steal money.
According to cybersecurity firm Sophos, some online-perpetrators are now masquerading as the WHO in an attempt to steal cryptocurrency donations to fight the COVID-19 pandemic.
The WHO impersonations were reported by Sophos’ security expert Chester Wisniewski on March 19. According to the researcher, scammers are trying to trick people into sending them Bitcoin as a donation to WHO’s COVID-19 Solidarity Response Fund, established in partnership with the United Nations Foundation.
According to the email screenshots posted by Wisniewski, the scammers ask potential donors to send donations in Bitcoin directly on a Bitcoin address provided in email. As of the time of writing this news article both Bitcoin addresses listed in email were empty.