Agari CEO Patrick Peterson joins Yahoo Finance’s Zack Guzman to discuss how to protect yourself amid increased email scams and phishing attacks that are taking advantage of the coronavirus.

Video Transcript

ZACH GUZMAN: Right now, we're digging into the way that hackers and scammers have been able to capitalize on fears surrounding the coronavirus crisis here in the US and around the globe. Perhaps, not surprisingly, though you would hope that it wouldn't be the case, we're seeing a spike in criminal activity and attempts to fish with emails sent around the globe right now, trying to get you to click on nefarious links.

And for more on that, I want to bring on an expert in the space, Cybersecurity CEO at Agari. Patrick Peterson joins us now on the Google Hangout. And Patrick, when we look at this, I mean, it's shocking to see the rise in scams tied to coronavirus here. But I guess that's just par for the course.

PATRICK PETERSON: Sadly, it is. And while most of our focus should be on the Primary COVID outbreak, we're tracking the cybercrime outbreak. We've seen the COVID emails, the malicious ones, increase 3,000%. So just as the infection rates are going up to the right, the bad guys, also, in their use of this, are going up and to the right.

What they're doing is for every story that's out there talking about COVID, they're figuring out a way to take their classic cybercrime techniques and turn it into an email attack. Can you help raise some funds for this COVID relief activity? Some of our employees are stuck somewhere. Can you get me some gift cards so I can send to them to help them out in this time of need?

People are at home. They're busy. They're taking care of their kids. They're trying to get them to study at home. I've heard that's difficult. And they're more likely to fall victim for this and say, I want to help out with the COVID relief effort. Let me get this money to where it belongs. But it's nothing more than a cyber crime preying on our social engineering, gullibility, and our desire to help during this outbreak of COVID-19.

ZACH GUZMAN: Yeah. It's not what you want to see. But I mean, it's not just average people that they're going after either. I mean, when we look at the amount of effort that was put into potentially trying to hack WHO and some of the leading organizations that are on the frontlines of tracking all of this right now as well, I mean, what are you seeing in terms of targeting some of those institutions and tactics that people should be aware of to avoid falling victim to this as well?

PATRICK PETERSON: No. That's a fantastic question. And many of our customers are at the front lines of the health care response. And they're seeing also the number of attacks on their business and their customers increase tremendously.

In particular, our friends at the World Health Organization, the Centers for Disease Control, their names are the most likely ones to be used when sending these emails saying, can you donate? Click here to learn how to respond to this. And so those organizations should have 1,000% of their efforts focused on saving us from COVID-19.

And instead, they're having to lean Agari and others in the security community to figure out, how can we stop our name from being used in email? How can we make sure that people aren't going to these fake sites that are being registered every day that look like a COVID response site that are not? And so those organizations, typically nonprofits or government organizations, who don't think of cybersecurity as a number one mission, are really in a bind right now because of those attacks that we see every day.

ZACH GUZMAN: Yeah, and you highlighted a few of these too, like just examples for what people should be aware of, you highlighted the gift card example. It always seems to be gift cards. Even smart people I know fall victim to a gift card one, to go out and buy them and then read off the pin numbers.

But outside of that, I mean, what else are you seeing? And I guess beyond just screening emails for potentially-- because no one wants to avoid helping someone in need that they might know, so I mean it's clear what they're trying to capitalize on here, but how should you really tease out what's real and what's not?

PATRICK PETERSON: Yeah, let me give you two things that we're seeing and then a recommendation. I think first, the criminals have done two things very quickly. The first one is they used to say, go get me a gift card at the store, scratch it off, and send it to me. That way, you're giving money to the criminals. They turn it into bitcoin, and then they redeem it as fiat currency via Paxful, which is an exchange.

As soon COVID's shelter in place started, they said, I don't want you to go to the store anymore. The cyber criminal wants you to actually buy it online, because they know you're not going to go to the store. It's a bad idea. We saw that happen immediately.

The second thing that we saw happen was targeting, pretending to be these organizations who were trying to help out. So what should your listeners do? I think first, go to places that you know are set up in advance to help. Don't fall victim to an urgent email, an urgent request.

Take a second, even though you're busy, even though you may be at home with all your normal IT setup, to double click, think it through, go to the real web site of WHO, or CDC, or your company, or your organization, and take the time to make sure you're not falling victim to these cyber criminals doing their own cyber outbreak on top of COVID-19.

ZACH GUZMAN: Very important advice from Agari CEO Patrick Peterson. I appreciate you taking the time, man, to chat with us.

PATRICK PETERSON: My pleasure.