In a week dominated by news of the global Covid-19 pandemic, companies scrambled to find ways of securely supporting employees working from home. But the challenges are extensive, and in sectors with critical infrastructure like government defense, protecting data is just as important as protecting workers.
If you received an email from the Centers for Disease Control and Prevention or the World Health Organization about the Corona virus outbreak, would you read it? Maybe click on a link? Cyber criminals are counting on it.
This outbreak has become a catalyst for cyber criminals who will use it as a basis for email attacks designed to retrieve personal information, steal money or infect computers with malware.
Here are some examples of emails used by criminals:
Here is another example:
At first glance, the sender’s email address appears to be legitimate, for example cdc-gov.org or cdcgov.org. The criminals create domains that are very close to the real CDC site — cdc.gov. Even though the link looks like it will take you to a CDC.gov website about the Corona virus, it will not. More than likely, you will land on a fake Microsoft Outlook login page, created by criminals to steal user names and passwords, which they control.
There is no reason to provide login credentials to visit a public website, such as the CDC.
Here are our recommendation to avoid getting hit by these cyber criminals:
If you have any questions or concerns regarding how to avoid phishing attack or have recent become the subject of one—contact us.
We will happily help you get through this process.