As with any major event or crisis, warnings are sent out in the masses. We are currently experiencing a huge rise in notifications about the crisis surrounding the Coronavirus. As helpful and legitimate emails are sent out regularly to notify and update the public about the novel COVID-19 virus, hackers have also found their niche in these email notifications too. Cybercriminals are able to re-create and duplicate emails that spoof actual emails about the Coronavirus crisis. These “spoofed” emails are Coronavirus phishing emails and they are not to be taken lightly. These emails look real and for those who are unaware that these type of emails currently exist – a simple click on a link in a phishing email could lead to a virus infecting your device.
These dynamic phishing emails are successful since they look and feel like real emails. They provide important information about the current Coronavirus crisis. As we rely heavily on email to help provide updates about any type of crisis, it’s important to remember to be mindful of all emails that come thru your inbox. Clicking a link in a phishing email can lead to an attack from a virus, personal information stolen, bank information obtained, databases comprised and so on. It’s important to be aware of the signs ahead of time about an email that could be fake and be from a hacker – this provides knowledge so you know what not to click on in an email, which can help prevent future cyber attacks.
Here are some tips on how to avoid becoming a victim of a Coronavirus phishing email attack.
What Types of Emails are Being Duplicated
- Emails from the CDC (Centers for Disease Control and Prevention)
- Emails from WHO (World Health Organization)
- Emails from the workplace about Coronavirus – these emails could contain fake information about company policies
- Emails requesting donations
- Emails about purchasing safety items such as face masks or protective clothing
- Emails from a hospital
- Emails offering health advice
How To Recognize a Phishing Email
- Look at the links without clicking on them. You can do this by hovering your mouse over the link so you can see where the link will go. Often when you hover over the link – you can see the link appear in the bottom right hand corner of your web browser. Please note – hackers can still make these links look legitimate. Look at these links closely and if anything does not look right or looks a little off to you, do not click the link.
- The email is requesting personal information. We are starting to see that Coronavirus type emails are requesting personal information such as a social security number or log-in info. A hospital or the CDC is not going to ask for this information in an email. Do not fill out any forms or submit any personal info as it is most likely a hacker trying to steal information.
- If there is anywhere in the email where it implies that you need to “Act Now” – do not click on any of those types of buttons. Phishing emails tend to want to place pressure on the recipient and create a sense of urgency in order for someone to feel they need to provide personal information right away.
- Pay attention to the content of the email. If the email has spelling errors – that can be another sign of a phishing email. Or the content of the email just doesn’t make sense or line up with who it came from.
How To Protect Your Company and Employees
- Add multi factor authentication to your log-in procedures.
- Provide employees with cyber security training so they know what signs to look for when receiving a phishing email.
- Establish a VPN.
- Make sure updates to devices and servers are the most current and remain continuous.
- Stay on top of patching for your machines.
- Offer employees tips on how to create a safe password.
Cyber attacks and phishing emails will always be among us, but they do change as the world does too. Stay up-to-date on the latest with cyber security trends to help keep you and your company safe and secure.