Home / Blogs

Good Internet Hygiene During the COVID-19 Pandemic

We are all aware of the steps for mitigating the spread of the novel coronavirus (COVID-19):

  • Wash your hands.
  • Practice social distancing.
  • Report exposure.

But these are not the only activities to practice right now. Cyber-criminals are taking advantage of this health crisis and the emotional upheaval it creates to perpetrate their crimes. Therefore, we also need to exercise good internet hygiene. In a time of crisis or tragedy, bad actors don’t slow down; their efforts amplify. They want our money, our data, access to our employers and anything else they can possibly monetize.

The most common risk vectors are in phishing attacks and malware exploits. Most people—even the non-technically savvy—can detect many of these threats with just a little effort. The following actions will help:

  1. Look at who is sending you an email. Most attacks via email use an alias so as to look official, but checking on the full email address can reveal a very different contact. Take the time to expose the full address of the sender and look carefully for typos.
  2. Do not click on links from unknown sources. A common practice of bad actors is to share seemingly helpful information (e.g., a health notice or a readiness checklist) that require you to click on a link. Never click on a link unless the sender is someone you trust, and they tell you they have already clicked on it. This includes never clicking on a link in a forwarded message from a trusted sender unless they have already clicked on it; just because they forwarded it to you does not make it safe. Find a trusted source for your outbreak information, e.g., WHO.INT or a local health resource, and type their web address in yourself to go to their secure site.
  3. Do not provide any personal data to new parties. Avoid the impulse to share information as a part of ‘global reporting’ or health census, as they likely are not legitimate. Only share details with your doctor. NOTE: people are already getting phone calls from callers who say they are from the US CDC (Centers for Disease Control), informing them that “your vaccine is ready.”
  4. Only offer financial assistance to known and trusted NGOs. In a time of tragedy, bad actors appeal to the goodness in others. Check known resources of valid charities before giving, such as Charity Navigator, Guidestar.org or your local tax authority.
  5. Tell others about these risks and mitigations efforts, especially older friends, neighbors and family members, as they are some of the most vulnerable to fall prey to these attacks.

For businesses, it is important to do a threat assessment and understand how your day-to-day operations may have changed during the pandemic. Consider revisiting your tools to scan your networks and your email. If you have employees typically in your building that are now remote, educate them on the risks and provide tools for identifying abuse.

At Afilias, we are practicing all the above as well as heightening our systems to the new specific pandemic related threats for the domains in our portfolio. We continue our commitment to reviewing 100% of all new domain registrations to do our part in mitigating this and all other technical domain abuse.

If you believe you have found an abusive domain, report it to your internet provider, the registrar for the domain name, or ICANN.

Meanwhile, wash your hands, watch for phishing attacks, and stay well!

By Melinda Clem, Vice President, Strategy at Afilias

Board Chairwoman for the i2 Coalition and Co-Chair of IGF-USA.

Visit Page

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API


Sponsored byVerisign

Domain Names

Sponsored byVerisign