COVID-19 Data Giveaway Spam Warning

Background Description

As everyone is aware of Coronavirus (COVID-19) panic situation, cybercriminals are taking the opportunity to send spam message of data giveaway by clicking on the link

Modus operandi:

  1. Once the user clicks the link, they are asked a series of questions related to the current Covid-19 situation, to get a reward of ‘1000GB of free internet’.
  2. After answering the questions, the user will have to forward the link to their contacts via WhatsApp/SMS in order to claim the reward.
  3. Users are then forwarded to for another round of survey questionnaire to claim another reward of $1000 voucher from Amazon or Walmart.  
  4.  Users are again forwarded to where email address needs to be entered for the reward.  
  5.  Lastly, upon entering their email address, users are forwarded to for request of personal information such as Name, Address, Phone Number, Date of Birth and Gender.


  • Users are tricked into giving out their personal information which may lead to identity theft.
  • Collected personal information may be sold to other parties.
  • Personal information can be used as a targeted list for future attacks.
  • Links may direct the user to a phishing site, and in some cases embed a malware without noticing it.


  •  Do not click on any suspicious links or attachments.
  •  Do not forward the message.
  •  Ignore or delete suspicious messages or emails immediately.
  • Use anti-virus software.
  •  Update your OS and applications regularly.
  •  Apply appropriate patches and updates immediately.
  •  Perform file backups regularly in an isolated network environment.
  •  Implement filters at the email gateway to filter out emails with known malspam indicators, such as known malicious subject lines, and block suspicious IP addresses at the firewall.
  •  Consider blocking file attachments associated with malware such as .dll and .exe and .zip files which cannot be scanned by an anti-virus program.
  •  Good cyber hygiene and safe practices.