As the world navigates the coronavirus outbreak, phishers are taking advantage of this uncertain time and scamming employees and organizations.
Recently there’s been an increase in scammers taking employer- or official-looking phone numbers, posing as IT support or sending emails claiming to be the IRS, the federal government, the World Health Organization (WHO) or the Centers for Disease Control and Prevention (CDC) to steal sensitive information or money.
While phishing attempts are nothing new, there’s a rise in fraud schemes related to the COVID-19 pandemic, and it’s important to remain alert and continue to follow cyber security best practices.
Before you click:
- Verify the sender by checking their email address, check any links before clicking and be wary of anyone asking for personal information.
- Don’t open attachments if you don’t know the sender or it originated outside of your organization.
- Don’t provide your username, password, date of birth, social security number, financial data or other personal information in response to an email or robocall.
- Check for misspellings or wrong domains within a link (like an address that should end in .gov but ends with .com).
- Watch for emails claiming to be from the CDC, WHO or your company’s IT support or Help Desk.
5 signs that email may be a phish:
- It plays on fear and has a sense of urgency
- It uses an unfamiliar or oddly worded greeting
- It comes from a questionable email address
- It contains spelling and/or grammatical errors
- It asks you to click links or open attachments
Tips to protect yourself if you’re phished:
- Disconnect the computer or device from the internet or network
- Notify your manager if you’re using a company email address
- Scan your computer for viruses
- Change passwords, or contact your bank or credit card company
