Phishing Schemes Escalate - Be on the lookout for Coronavirus Phishing emails!
The overwhelming amount of news coverage surrounding the novel coronavirus has created a new danger — phishing attacks looking to exploit public fears about the sometimes-deadly virus.
How does it work? Cybercriminals send emails claiming to be from legitimate organizations with information about the coronavirus. The email messages might ask you to open an attachment to see the latest statistics. If you click on the attachment or embedded link, you’re likely to download malicious software onto your device.
- - Hover your mouse over the Sender’s email address. Did you expect an email from this sender? Then take a second look at the domain name (that’s the name after the “@” symbol). Make sure it’s spelled correctly.
- - Review the “reply” address. Does it match the “from” address of the sender?
- - Hover your mouse over all links in the email. Do you recognize the internet address?
- - Review the grammar. Is it well composed and expected from the sender?
If you answered No to any of the above, consult with your technology partner.
Some may be experiencing more phishing phone calls than normal. Do not give out your email address, direct phone number or any other personal information until you have confirmed to whom you are talking and if it is safe to do so. Getting little pieces of information can trigger spear phishing calls that lead to a much higher risk and data leaks.
Working at home can leave you open to hackers, even in normal times, and these aren't normal times! With millions of people in the US under orders to stay home to slow the spread of the novel coronavirus, many more people are now working in their personal space, sometimes on their personal computers or phones. That situation makes a much wider target for hackers, according to cybersecurity experts.
How to stay safe on your computer while working remotely:
- - Make sure your home or work computer is up to date for patches, anti-virus and other data protection tools used by your company.
- - Keep using your multi-factor authentication (DUO) and keep your phone with you at all times. If you receive an alert on your phone asking you to approve the remote connection, ensure it is your connection, and if it is not, click ‘Deny’.
- - Ensure you are only opening and responding to emails you expect to receive and that they are from senders whom you are expecting. Emails should be vigilantly monitored.