sb-as logo
Story image

WHO urges caution after emails, passwords stolen

29 Apr 2020

The World Health Organisation (WHO) has issued a global call for vigilance as it reports a ‘dramatic’ increase in cyber attacks directed at its own staff and phishing scams against the general public.

In a media release, the WHO acknowledged that approximately 450 active WHO email addresses and passwords, and emails belonging to others working on fighting COVID-19, were leaked on the internet.

Although the data was old and did not put WHO systems at risk, the attack affected an older extranet system most commonly used by staff and partners.  The WHO has since moved its affected systems to a more secure environment.

“Ensuring the security of health information for Member States and the privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic. We are grateful for the alerts we receive from Member States and the private sector. We are all in this fight together,” says WHO chief information officer Bernardo Mariano.

It’s possible that cyber attackers could use these stolen emails to impersonate genuine WHO officials.

Commenting on the issue, ESET cybersecurity specialist says that people should ensure all emails are valid – especially when they look to be coming from the WHO.

“Many people will not have been familiar with the WHO’s email addresses before this pandemic so it makes the awareness of the legitimacy of their addresses that much harder to identify.”

“Most emails should remain information-based so if you see attachments or links within such communication, I would advise those people to maintain a level of caution and try to head to the real website via a search for it rather than clicking on anything in the email itself. Similar to those phishing emails claiming to be from your bank, it is far safer to route into the provided link via your own path.”

“I would also advise all those with a WHO email address to use a unique and complex password to enter their account. These addresses are highly sought after by criminals around the world and will remain a major target throughout the crisis. Not all attacks are financially motivated and this suggests some criminals are clearly out to cause as much havoc as possible.”  

The WHO says that there has been a massive rise in the number of scammers impersonating WHO in emails.  These scammers are trying to steal money for a fake charity fund.  Adding to the confusion is that the WHO is running its own genuine COVID-19 Solidary Response Fund.

The WHO is working with the private sector to strengthen security measures and create ‘more robust’ systems. It is also educating staff about cybersecurity risks.

“WHO asks the public to remain vigilant against fraudulent emails and recommends the use of reliable sources to obtain factual information about COVID-19 and other health issues.”