Cybercriminals, of course, are taking full advantage of the Coronavirus (COVID-19) pandemic with phishing emails schemes that are meant to steal your critical data or infect your computer networks with malware or malicious software.
Cybercriminals are sending these emails out claiming to be from trusted sources. The two most common are the CDC and World Health Organizations (WHO). These organizations have both released warnings regarding these COVID-19 phishing scams due to the dramatic rise in scams since the beginning of the pandemic. Both organizations stress Cybersecurity Awareness and training to avoid such schemes.
CDC Phishing Email Example:
“The Centers for Disease Control and Prevention (CDC) continues to closely monitor an outbreak of a 2019 novel coronavirus (2019-nCoV) in Wuhan City, Hubei Province, China that began in December of 2019. CDC has established an Incident Management System to coordinate a domestic and international public health response.
You are immediately advised to go through the cases above for safety hazard.”
This link leads to a fake Microsoft Office Outlook login page that steals usernames and passwords. Once the user types in their information, cybercriminals have access to practically everything. The email LOOKS LEGITIMATE and has tricked many end users.
Tips & Tricks to Identify COVID-19 Phishing Emails:
- You will not be asked for passwords, credit card information, or tax numbers via email. Ever.
- Look for generic salutation, such as “Dear Sir,” or “Dear Customer,”.
- Check the email address of the sender. Use your mouse to hover over the ‘from’ address. Check the address to see if it has been altered.
- Legitimate companies will not send unsolicited attachments. Hackers will direct you to download documents or files containing malware.
- Always check the URL by hovering over the link with your mouse. If the text in the link is not identical to the URL, the is probably not legitimate.
- Check the spelling on the email. Phishing emails are notorious for typos and grammatical errors.
What You Can Do?
Ensure your employees are aware of the COVID-19 phishing emails and cybercriminals lurking to prey on the fear of the coronavirus. Educate yourself and employees on how to recognize phishing emails with Security Awareness Training.
For the latest information on the coronavirus pandemic you can go straight to the CDC website. If you have any questions about Phishing Emails or if you would like to schedule Security Awareness training today call 918.436.1830.