Good Morning,
The Federal Trade Commission is warning consumers to be aware of phishing and vishing (voice-phishing) scams related to the Coronavirus (COVID-19), "Scammers are taking advantage of fears surrounding the Coronavirus. They’re setting up websites to sell bogus products, and using fake emails, texts, and social media posts as a ruse to take your money and get your personal information."
The email below is an example of this type of phishing scam. It was detected by the Sophos Security Team earlier this month.
As you can see, it is asking you to click the button to download a document on safety measures.
However, after you click the link, you're directed to a website requesting your email and password. Once you give away your credentials, you are then redirected to the actual WHO website so you won't be suspicious.
Other COVID-19 scams may involve asking for donations, "emails and posts promoting awareness and prevention tips, and fake information about cases in your neighborhood," (citation).
Cyber criminals watch trends in the news and quickly craft phishing campaigns to capitalize on these trends.
What you can do today:
1. Inform your employees, family members, and colleagues of this scam.
2. Do not respond directly to emails from the World Health Organization, CDC, and others that ask you download a file, request credentials, or to give donations.
3. Beware of emails with maps of the Coronavirus in your city.
4. Learn about our Security Awareness Training as a Service so you can protect yourself, employees, and family from the growing threat of cyber crime.
Photo by William Iven on Unsplash