It’s an unfortunate reality that in times of humanitarian crisis, we need to speak more about cybersecurity. We have observed several warning signs. As early as January, COVID-19-branded website domain names began to be acquired. Cyber criminals use these domain names to masquerade as legitimate COVID-19 information sites. They are also sending phishing emails that appear to come from legitimate organizations, such as the US Centers for Disease Control and Prevention and the World Health Organization, but that actually contain malicious links or attachments.