COVID-19 Phishing Email Awareness
As the COVID-19 pandemic continues, several new cybersecurity risks have started to pop up in the form of phishing attacks. During this unprecedented and stressful time, cybercriminals look to take advantage of people’s anxiety, concerns, and need of information.
A new phishing campaign has been spotted where a cybercriminal pretends to be from a local hospital alerting the recipient that they have been in contact with a colleague, friend, or family member who has tested positive for the COVID-19 virus. The email then tells the recipient to print an attachment and bring it with them to the nearest emergency clinic for testing.
A similar scam involves the sender posing as a Government official, who then offers phony information on COVID-19 via a link or fake website. Emails like this leverage the fear and timeliness of our current environment, which may lead to individuals responding as fast as they can without taking time to be look for clues of the scam.
Additional phishing attempts pose as Help Desk technicians claiming they are there to provide aid as employees or students transition to remote work spaces. When working from home, we lose the benefit of being able to interact in-person with our co-workers, and that remote workplace environment creates an enhanced opportunity for malicious criminals to exploit our inherent trust and desire to be helpful. Here are some tips to help avoid scams and phishing attempts:
- Do you see the EXTERNAL EMAIL tag but the sender claims to be from UW-Whitewater? Always confirm you know and trust the source before you respond.
- Look for generic greetings/generic signature.
- The message is urgent or very important and you must act immediately.
- The email is offering help or aid in the form of a link to click or an attachment to open.
- Look for grammatical errors, many times the attacker will rush to get the message out.
- Anything suspicious at all, do not respond. The Help Desk will never send messages that require an immediate reply.
- When in doubt, please contact the Help Desk!
Please note that the Help Desk with NEVER ask for your personal information via email. If you ever have a doubt as to the validity of an email, you can contact the Help Desk or attach the email and send to: suspiciousemail@uww.edu.
You can find additional IT Security resources by visiting: https://www.uww.edu/icit/services/it-security#ReportingSuspiciousEmails
In these uncertain times it is vital for each of us to stay vigilant, no matter where we are working, teaching or learning.
Stay safe everyone!