Hackers and cyber scammers are taking advantage of the coronavirus disease (COVID-19) pandemic by sending fraudulent email and WhatsApp messages that attempt to trick you into clicking on malicious links or opening attachments.
These actions can reveal your user name and password, which can be used to steal money or sensitive information.
If you are contacted by a person or organization that appears to be ARiS, verify their authenticity before responding.
- neverask for your username or password to access safety information
- neveremail attachments you didn’t ask for
- neverask you to visit a link outside of aris-world.com or www.aris.co.tz
- nevercharge money to apply for a job, register for a conference, or book a hotel
- neverconduct lotteries or offer prizes, grants, certificates or funding through email.
Beware that criminals use email, websites, phone calls, text messages, and even fax messages for their scams.
You can always verify if communication is legit by contacting ARiS directly.
Phishing: malicious emails and messages appearing to be from ARiS
ARiS is aware of suspicious email messages attempting to take advantage of the COVID-19 emergency. This fraudulent action is called phishing.
These “Phishing” emails appear to be from ARiS, and will ask you to:
- give sensitive information, such as usernames or passwords
- click a malicious link
- open a malicious attachment.
Using this method, criminals can install malware or steal sensitive information.
How to prevent phishing:
- Check their email address.Make sure the sender has an email address such as ‘email@example.com’If there is anything other than ‘aris-world.com’ after the ‘@’ symbol, this sender is not from ARiS.
For example, ARiS does not send email from addresses ending in ‘@aris.com’ , ‘@aris-world.org’ or ‘@aris-health-insurance.org’.
- Check the link before you click. Make sure the link starts with ‘http://www.aris-world.com’. Better still, navigate to the ARiS website directly, by typing ‘http://www.aris-world.com’ into your browser.
- Be careful when providing personal information. Always consider why someone wants your information and if it is appropriate. There is no reason someone would need your username & password to access public information.
- Do not rush or feel under pressure. Cybercriminals use emergencies such as the coronavirus disease (COVID-19) pandemic to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.
If you gave sensitive information, don’t panic.
If you believe you have given data such as your username or passwords to cybercriminals, immediately change your credentials on each site where you have used them.