Cybercriminals are increasing their attacks on a variety of essential services and sources of information such as the Center for Disease Control and Prevention (CDC). Using the CDC as an example, be careful of emails claiming to be from them, or other organizations claiming to offer information on the virus. Do NOT click through or open attachments from sources you do not recognize.
Some ways to spot a FAKE e-mail, see below. Beware, this is NOT a complete list of ways cyber aggressors are utilizing.
- E-mail sender domain name appears like “cdc.gov”, e.g. “cdc-gov.org” is NOT correct,
- Sender name may include something like “CDC Health Alert Network”, this does NOT exist,
- E-mail subject line contains “COVID-19, Increased Community Transmission”, this is probably NOT real.
Fraudsters can use links in emails to deliver malware to your computer, to steal personal information or to lock your computer demanding payment (ransomware).
Bonus Tip: Be wary of websites and apps claiming to track COVID-19 cases worldwide. Criminals are using malicious websites and mobile apps to infect and lock devices until payment is received.
Laszlo S. Gonc, CISSP
Founder and Managing Partner, Next Era Transformation Group, LLC