May 18, 2020: Tips for Avoiding Cyber Risks During COVID-19
While health and safety are among the top priorities in the ongoing COVID-19 pandemic, unfortunately, people also need to be aware of heightened cyber risks during these times. Here are tips to recognize the signs of a cyber scam and how to protect yourself.
PHISHING EMAIL SCAMS
Cyber scammers are taking advantage of the pandemic by sending COVID-19 notifications pretending to be the World Health Organization (WHO), Center for Disease Control (CDC), and other health and welfare organizations.
These emails are attempting to mimic safety messages to trick individuals into clicking on links that result in infecting users with malware and/or steal individual’s money or personal information.
Signs of a Phishing Email:
- The email looks like it’s from a company you are familiar with, such as Amazon. It may even display the same logo and headers, however if you hover your mouse over the “From” address, you will notice spelling errors or an email address different from emails directly from Amazon themselves.
- The email says your account is on hold because of a billing problem.
- The email has a generic greeting, such as “Dear Customer”. If you have an account with the entity, they likely would not use a generic greeting like this.
- The email requests that you click on a link to update your payment details.
Tips to Prevent Phishing:
- Don’t open emails from people or entities you don’t know.
- Never give out personal information, financial information, or company credentials to anyone via email, particularly those that are COVID-19 related.
- Any COVID-19 related email with an attachment or link should be treated with suspicion. You can hover over the link to verify legitimacy. If you think the link is correct, retype the address directly in a browser window to verify, or go directly to the official website to confirm.
- Don’t visit uncredited websites related to COVID-19. There has been a substantial increase in the rise in website registrations related to COVID-19 that are being used to steal information from visitors or infect them with malware. Institutions such as www.cdc.gov, the World Health Organization, and www.coronavirus.gov are reliable sources to stay up-to-date on information regarding the pandemic.
- Report suspicious emails on your work email to your employer via internal business protocol, or if sent to your personal email, you can report them to the Federal Trade Commission directly.
- If donating to a charity, verify the authenticity of the organization before offering any payment.
In addition to cyber attacks, there have also been a number of people receiving calls that appear to originate from CDC or WHO requesting donations. These calls are a scam, as federal agencies do not request donations from the general public. In order to avoid such scam attempts, do not answer phone calls from unrecognized numbers and do not give out personal information (banking, social security number, or any other identifiable information) over the phone to those you do not know.