FROM: University Technology Services
RE: Beware! Cybercriminals are targeting organizations with COVID-19-related scams and phishing emails.
Sent: 4/8/2020 10:14:34 AM
To: Students, Faculty, Staff
Cybercriminals are targeting organizations with COVID-19-related scams and phishing emails.
These cyber threat actors often masquerade as trusted entities, some of which may have been previously compromised. Their activity includes using coronavirus-themed phishing messages or malicious applications.
Threats observed include:
- Phishing, using the subject of coronavirus or COVID-19 as a lure,
- Malware distribution, using coronavirus- or COVID-19-themed lures,
- Registration of new domain names containing wording related to coronavirus or COVID-19, and
- Attacks against newly—and often rapidly—deployed remote access and teleworking infrastructure.
Malicious cyber actors rely on basic social engineering methods to entice a user to carry out a specific action. These actors are taking advantage of human traits such as curiosity and concern around the coronavirus pandemic in order to persuade potential victims to:
- Click on a link or download an app that may lead to a phishing website, or the downloading of malware, including ransomware.
  - For example, a malicious Android app purports to provide a real-time coronavirus outbreak tracker but instead attempts to trick the user into providing administrative access to install "CovidLock" ransomware on their device.
- Open a file (such as an email attachment) that contains malware.
  - For example, email subject lines contain COVID-19-related phrases such as “Coronavirus Update” or “2019-nCov: Coronavirus outbreak in your city (Emergency)”.
To create the impression of authenticity, malicious cyber actors may spoof sender information in an email to make it appear to come from a trustworthy source, such as the World Health Organization (WHO) or an individual with “Dr.” in their title. In several examples, actors send phishing emails that contain links to a fake email login page. Other emails purport to be from an organization’s human resources (HR) department and advise the employee to open the attachment.
Be on the lookout for phishing emails. The same ways to prevent falling victim to a phishing attack apply in this case:
- Approach links in email messages with caution. Links in email messages can often take you to fake sites that encourage you to transmit personal or financial information to scammers.
- Approach attachments in email messages with caution. Only open attachments from known senders that you expect. Call the sender if you have suspicions.
- Don’t trust the sender information in email messages. The sender email address and name can be fake.
- Don’t trust offers that seem too good to be true.
- NOTE: Phone and voicemail are also being used as avenues for malicious activity.
- Run updated antivirus and keep your operating system and applications patched.