The Datamax Thinking Blog



3 COVID-19 Phishing Email Examples To Help Your Business Identify Scams



Two basic qualities that cybercriminals prey on are vulnerability and desperation. With so many on high alert with COVID-19 information and updates, phishing season is in full swing.

Email phishing scams involve sending deceptive emails and instant messages to bait you into sharing sensitive information. They often involve fabricated websites made to look identical to legitimate sites. In the case of the ongoing pandemic, these emails may claim to be from the CDC; they may mention trying to "protect" you with COVID-19 health tips; or they might just be an "update" on a coronavirus company policy, supposedly sent by a coworker, with a malicious link or attachment.

But what might a COVID-19 phishing email scam look like? We looked in our own inbox, and accessed a valuable cybersecurity resource, to show you what to look for.

Here Are 3 Real-Life Phishing Email Examples:  

Email #1: An Important Message from "Humana."

FROM:  John (abuse@gradcad.com)

SUBJECT LINE: The following is a safe message from Humana. 

Hello there,       

The following invoice statement message is delivered to you by Humana.

Thanks for your recent order of Coronavirus (COVID-19) insurance plan.

Kindly follow the link down below to see invoice statement.

What's Phishy?

The subject line alone brings its own sense of irony. So, what's wrong with this email? Obviously, this cybercriminal is attempting to lure one in with an updated insurance policy that encompasses Coronavirus coverage. It's timely. And it may seem believable. However, a closer look at the sender's information reveals a strange email name and domain that in no way resembles anything to do with Humana.

This is a powerful indication that the email is not legitimate. More on that below.

Email #2: An "Internal" Coronavirus Update.

FROM: Karen

SUBJECT LINE: Coronavirus Update 

Karen has sent you a document through OneDrive, access the document by clicking the button below.

If you have any problems access the document, please email me back.

What's Phishy?

If one were to click on this link, they'd be directed to a fabricated Microsoft OneDrive log-in site (made to look identical to the real one) with an erroneous URL.

Email #3: A Flight "Rewards" Program.

From: Coronavirus Flight (contact@1mail.club)

Subject Line: How was your flight back to Canada with Coronavirus? 

Did you enjoy your flight? Tell us about your Air Canada experience and get exclusive offer rewards.

What's Phishy? 

What looks like a nicely displayed, legitimate Air Canada marketing email becomes suspicious when one looks at the actual email anatomy of the sender. Clicking on the link to "earn your rewards" will result in malicious activity. 

3 steps for investigating a potential phishing email:

1. Examine the email anatomy.

Closely examine the display name and email address. While the display name may be “Amazon Product Highlight,” dig a little deeper into the actual email address and specifically the domain name. If it’s a phishing scam, you will see something bogus (recent example: Email name: Amazon.Product.Highlight. Email domain: @gravbrotfamilydental.com).

2. Hover over the link.

Sender asking you to click on a link? Take your cursor and hover over the link, and it will expose what site the link actually leads to. Upon examination, you’ll quickly find that the link is not taking you to Amazon Product Highlight.

3. Nab the URL.

Still not sure? Without clicking the link, nab the URL by right-clicking and copying the link, then put it into a Google or Bing search window and see what comes up. Come up as Amazon? No problem. Something else? You have further confirmation that the link is nefarious. Just be careful to place the link inside the actual search bar to view search results, and do not visit the actual website.
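
Steps 1 and 2 can also be run automatically over a message that an employee reports. The following Python is an added example, not code from Datamax; the brand-to-domain table, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the brands you expect mail from and the domains they really use.
BRAND_DOMAINS = {"amazon": {"amazon.com"}, "humana": {"humana.com"}}

class HrefCollector(HTMLParser):
    """Collects the href of every <a>: the destination that hovering reveals."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def belongs_to(host, domains):
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def inspect_email(raw):
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    sender = addr.rpartition("@")[2].lower()
    claimed = f"{display} {msg.get('Subject', '')}".lower()
    body = msg.get_body(preferencelist=("html",))
    collector = HrefCollector()
    collector.feed(body.get_content() if body else "")
    findings = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in claimed:
            continue
        # Step 1: the sender's domain must belong to the brand the message names.
        if not belongs_to(sender, domains):
            findings.append(f"sender domain {sender} is not a {brand} domain")
        # Step 2: so must every link's real destination.
        for href in collector.hrefs:
            host = urlparse(href).hostname
            if host and not belongs_to(host, domains):
                findings.append(f"link leads to {host}, not a {brand} domain")
    return findings

SAMPLE = (  # constructed message; the .example domains are placeholders
    'From: "Amazon Product Highlight" <amazon.product.highlight@dental-office.example>\n'
    "Subject: Your Amazon rewards\n"
    "Content-Type: text/html\n\n"
    '<a href="http://rewards.login-portal.example/a">www.amazon.com/rewards</a>'
)
```

An empty result only means these two checks passed for the brands in the table; it does not mark a message as safe.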


What makes phishing particularly cumbersome in 2020? It's the number one delivery vehicle for ransomware, malicious software designed to block access to a computer system until a sum of money is paid.

To learn more about this dangerous and prolific attack method, download the "Global State of the Channel Ransomware Report" below.
