Cybersecurity and Infrastructure Security Agency (CISA) Warns Against COVID-19 Cyber Scams and Provides Security Tips
- Avoid clicking on links in unsolicited emails and be wary of email attachments.
- Review CISA Insights on Risk Management for COVID-19 for more information.
Why Coronavirus?
There’s no doubt that black hat hackers won’t spare a single chance to push their scam tricks on people over the internet. This time, the target is the prolonged mayhem currently concerning the whole world—coronavirus disease 2019 or COVID-19. Scammers were found running different phishing scams in as many ways to breach companies and individuals.
In light of increasing attacks, the US Department of Homeland Security (DHS) agency has shared tips to defend against such scammers.
How to safeguard against Coronavirus-based scams?
The DHS’s Cybersecurity and Infrastructure Security Agency (CISA) has alerted people across the country to be attentive to the emails and links related to the coronavirus health crisis.
It has released several do’s and don’ts as precautionary tips to avoid falling prey to malicious scams. This includes tips such as:
- Avoid clicking on links in unsolicited emails and be wary of email attachments. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.
- Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.
- Do not reveal personal or financial information in an email, and do not respond to email solicitations for such information.
- Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
- Review CISA Insights on Risk Management for COVID-19 for more information.
A background on Coronavirus-themed scams
Prior to this warning, the World Health Organization (WHO) and the U.S. Federal Trade Commission (FTC) also shared their observations on COVID-19 scams last month.
- Researchers at IBM X-Force Threat Intelligence, KnowBe4, and Mimecast have already declared COVID-19 as a highly popular phishing bait for targeting individuals from the US and the UK.
- Another report from Imperva also reflected the online popularity of spam campaigns, crafted to disseminated fake news on Coronavirus into the crowd.
- One more group of researchers also discovered malware samples with Coronavirus references including a Remote Access Trojan (RAT), an information stealer, and a wiper.
Response from companies
While numerous firms have asked their employees to work from home in light of COVID-19 threats, several firms including Microsoft, Google, LogMeIn, and Cisco have also announced free licenses for meeting, collaboration, and remote work focused tools so that everyone can join virtual meetings and chat with their colleagues remotely.