We write to remind you to remain vigilant against cyber scams related to the coronavirus (COVID-19). Information security authorities have seen a rise in phishing attempts where the bad guys are spoofing government agencies taking advantage of the COVID-19 narrative. Examples of these scams include:
- Phishing emails, texts, and phone calls with the subject “COVID-19 relief” posing to provide information related to the recently announced government relief and stimulus package. Official information will never be sent via these messaging platforms.
- Phishing emails soliciting donations to fraudulent charities or bogus causes under the guise of the pandemic.
- Fake COVID-19 information pretending to be from authorities like the World Health Organization (WHO).
- Attackers who hijack email accounts and then use the address book to ask the victim’s contacts for help.
Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
How does it impact the FIT community?
We have had no reports of these phishing emails going to any one at FIT, but it’s only a matter of time. If you think you have received a phish, mark the email as a phish in Gmail. Read more about how to report a phish here.
What can you do to protect yourself?
- Make sure you have up-to-date anti-virus software installed on your home computer. If you do not have software installed, IT recommends the free version of Sophos available at home.sophos.com/en-us.aspx.
- Always keep your personal life and work life separate. This is especially important if you are using VPN. Never conduct personal business inside the VPN session.
- Stay vigilant against phishing attempts. Phishing is on the rise as we enter this new remote work environment and cybercriminals are taking advantage of the COVID-19 narrative to gain the trust of users.
- Use a trusted Wi-Fi. Don’t log on via a free public Wi-Fi or your neighbor’s open Wi-Fi.
- There is a popular post trending on social media platforms right now of people excited to share pictures of their home office set-ups. We urge you to be careful when posting pictures like this online where sensitive information can be inadvertently exposed.
- Beware of free screen sharing and teleconferencing software that is being offered publicly on the web. Always consider the security and privacy of these tools if you must use freeware for some reason.
- If you haven’t already done so, take your Cybersafe Training for spring 2020. This online training is available now and can be taken from home. Please log in at training.knowbe4.com/auth/