Unfortunately, during this time of rapid change in our work lives due to the pandemic, there are those who will seek to take advantage of the situation to launch phishing messages or other attacks to gain access to your network and/or data. As each of us serve as the first line of defense from these attacks, please take a minute and review this information.
The following are a few items to be on the lookout for during the next few months.
1. Emails that appear to be from organizations such as the CDC (Centers for Disease Control), or the WHO (World Health Organization). The scammers have crafted emails that appear to come from these sources, but they contain malicious phishing links or dangerous attachments. For example, a malicious website pretending to be the live map for Coronavirus COVID-19 Global Cases by Johns Hopkins University is circulating on the internet.
2. Emails that ask for charity donations for studies, doctors, or victims that have been affected by the COVD-19 Coronavirus. Scammers often create fake charity emails after global phenomenon’s occur, like natural disasters, or health scares like the COVID-19.
3. These attacks are attempts made by a bad actor to get hold of an individual’s credentials or other sensitive information. Many bad actorswill take advantage of COVID-19 to try and trick employees into giving their credentials by convincing the employee that they are providing information genuinely required by their business.
4. Remote Work and Working from Home. As it helps to reduce the risk of spreading the virus, working from home solves many problems associated with sharing office space. However, moving away from an in-person workplace environment can open or unlock doors to attack, and it may be easier for attackers to find success as people are no longer relying on face-to-face validation of requests. Since we rely on voice, text, or other alternative channels such as social media there is a greater chance of social engineering and impersonation scams.
5. Emails that claim to have a “new” or “updated” list of cases of Coronavirus in your area. These emails could contain dangerous links and information designed to scare you into clicking on the link.
Remain cautious! And always remember the following to protect yourself from
scams like this:
- Never click on links or download attachments from an email that you
- If you receive a suspicious email that appears to come from an official organization such as the WHO or CDC, use the Outlook ‘Report as Phishing’ button as you would to report any suspected phishing message. If you want to view the CDC or WHO website type the web address in your browser instead of clicking on any links in emails, or other messages.
- If you want to make a charity donation, go to directly to the charity website of your choice to submit your payment, do not click on any links in emails. Type the charity’s web address in your browser instead of clicking on any links in emails, or other messages.
- Preparedness is key – and good cyber resilience includes keeping yourself informed on the latest threats.