As you know, the Coronavirus, or COVID-19, is circulating worldwide. The Information Security Office wants to make you aware that you need to be vigilant about emails that take advantage of the fear around this illness. The Cybersecurity and Infrastructure Security Agency (CISA) warns that cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.

Here are some tips to ensure that you don’t fall victim to an attack:

  • Be suspicious of any phone call or message that:
    • Pretends to be an official or government organization urging you to take immediate action. 
    • Communicates a tremendous sense of urgency. The bad guys are trying to rush you into making a mistake.
    • Promotes miracle cures, such as vaccines or medicine that will protect you. If it sounds too good to be true, it probably is.
  • Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
  • Avoid clicking on links in unsolicited emails and be wary of email attachments.
  • Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.
  • Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.

For the latest updates visit the World Health Organization or the Center for Disease Control website. Please keep in mind these attacks can happen at work or at home, via email, text messaging or over the phone. Don’t fall victim to bad guys playing on your emotions. If you feel you have received an attack at work, simply delete it or email [email protected] if you have concerns.