Cutting straight to the point: Criminals are adapting and taking advantage of the COVID-19 situation.
See below for information and advice specific to what’s been seen so far.
#1 – Phishing emails acting as if they’re legitimate messages from important entities
We’ve seen emails posing as HHS (Health and Human Services), CDC (Center for Disease Controls), and WHO (World Health Organization).
What do these phishing emails look like?
- When to see a doctor or common symptoms.
- A “cure” to the Coronavirus.
- Peddle products or services, such as hand sanitizer.
- Alerts / outbreak information on the virus.
- New safety measures.
- Unemployment guidance.
Our Advice
- General anti-phishing practices apply.
- Look at the From address. Is it from the domain of the organization in question?
- Do the overall spelling and grammar of the From, Subject, and Body look wrong?
- If you mouse over a link, does it have the right URL of the organization in question without anything suspicious in it? For example, a second domain name/IP address or a misspelled domain name?
- Practice good email hygiene.
- Would you trust an unsolicited email peddling a cure to COVID-19?
- Would the CDC have an online store with links to an e-commerce website peddling hand sanitizer?
- Would the government send you specific outbreak information to your email address?
- All the above scenarios are HIGHLY UNLIKELY to occur. If you even slightly believe you’re a receipt of a phishing email, call the sender or simply delete it.
#2 – Texting scams specific to the virus
We’ve seen online that fake texts with web links to malicious websites are on the rise.
What do the text messages look like?
- Red Cross asking for protective equipment.
- Anything representing the Social Security Administration.
- Any unsolicited text regarding COVID-19 treatment, cures, and test kits.
Our Advice
- Never click a link on an unsolicited text message.
- If you click on a link, and are taken to a fake login page, STOP. The entire purpose of the attack is to capture your credentials.
#3 Targeted spear-phishing
This is a highly-effective flavor of phishing where the attackers know your role, and will attempt to target you with topics relevant to your job. We’re seeing the fake content targeted toward HR, accounting, IT, and business owners that appear to be from a trusted friend or co-worker.
What do these phishing emails look like?
- Subjects may contain “FW: Covid-19” or a similar low-effort attempt. The fake “Re:” and “FW:” on phishing emails tries to catch you off guard FYI.
- Generic email body with a Word, Excel, or even HTML attachment.
- Unnecessary BCC (blind carbon copy). Malicious actors try to conceal they don’t actually know your email groups or your co-workers.
Our Advice
- Similar to advice given in #1, practice general anti-phishing best practices. From name, malicious links, and grammar will be slightly off typically.
- Analyze what they’re requesting. Click on the strange attachment? Go to the suspect-looking link? Wire money? These are risky requests over email.
- Use our 2 step process to determine if a particular email passes the “sniff test”. #1 – Do you know who the sender is? #2 – Are you expecting an email from them? This will eliminate 90% of phishing emails. For the 10%, call them and confirm that it’s legitimate. If it’s important, a phone call to authenticate the message is worth it.
We hope this helps someone from becoming a victim during these uncertain times.
If you would like a quote or evaluation for IT services, don’t hesitate to reach out to PK Tech here: contact PK Tech.
