Once again the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning for the public and organizations to stay on cyber alert. There has been an additional increase in online scams – this time related to Coronavirus Disease 2019 (COVID-19). Cybercriminals are sending emails with attachments or links to websites that are malicious or fraudulent. Cyber actors trick their online victims into revealing personal data or financial information, often pretending to be representing charities that people may be compelled to donate to. Everyone should be vigilant when handling any message with a COVID-19-related subject line, especially if it contains an attachment or a link. Be cautious of fundraisers or personal pleas on social media, as well as texts or calls related to COVID-19.
Here is an example of a scam email that has been in circulation, in different variations.
Recommended precautions against Coronavirus scams:
- Use official sources of information. Government websites, such as CISA should be your first choice for up-to-date, fact-based information about any nationwide emergency situation such as COVID-19.
- Avoid clicking on links in unsolicited emails and be wary of email attachments.
- Be wary of unsolicited attachments, even from people you know. Just because an email message looks like it came from someone you know does not mean that it did. Many viruses can “spoof” the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it’s legitimate before opening any attachments. This includes email messages that appear to be from your internet service provider (ISP) or software vendor and claim to include patches or antivirus software. ISPs and software vendors do not send patches or software in email.
- Do not reveal private information, including personal or financial details and credentials in email messages or during phone calls with unverified parties, and do not respond to requests for your private, sensitive information.
- When responding to financial contribution requests, verify a charity’s (or person’s) authenticity before making arrangements for donations. Review the Federal Trade Commission’s guidance on Charity Scams for best practices.
- Keep software up to date. Install software patches so that attackers can’t take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it. (see Understanding Patches and Software Updates for more information)
- Trust your instincts. If an email or email attachment seems suspicious, don’t open it, even if your antivirus software indicates that the message is clean. Attackers are constantly releasing new viruses, and the antivirus software might not have the signature. At the very least, contact the person who supposedly sent the message to make sure it’s legitimate before you open the attachment. However, especially in the case of forwards, even messages sent by a legitimate sender might contain a virus. If something about the email or the attachment makes you uncomfortable, there may be a good reason. Don’t let your curiosity put your computer at risk.
- Save and scan any attachments before opening them. If you have to open an attachment before you can verify the source, take the following steps:
- Be sure the signatures in your antivirus software are up to date.
- Save the file to your computer or a disk.
- Manually scan the file using your antivirus software.
- If the file is clean and doesn’t seem suspicious, go ahead and open it.
- Turn off the option to automatically download attachments. To simplify the process of reading email, many email programs offer the feature of automatically downloading attachments. Check your settings to see if your software offers the option, and make sure to disable it.
- Consider creating separate accounts on your computer. Most operating systems give you the option of creating multiple user accounts with different privileges. Consider reading your email on an account with restricted privileges. Some viruses need “administrator” privileges to infect a computer.
- Apply additional security practices. You may be able to filter certain types of attachments through your email software (see Reducing Spam) or a firewall (see Understanding Firewalls).
How Secure is Your Computer network?
CALL (855) 551-7760
Outstanding Managed IT services are within your reach