Cybercriminals are using the COVID-19 crisis to propagate various strains of dangerous malware, and ransomware, as well as to launch new phishing campaigns against organizations worldwide including education institutions. Cybercriminals are trying to exploit the emotions associated with this global pandemic. It is important that we do not lose track of the fundamental security controls that we have been taught. The social engineering method being used is primarily phishing e-mails, using the subject lines like:
- 2020 Coronavirus Updates
- Coronavirus Updates
- 2019-nCov: New confirmed cases in your City
- 2019-nCov: Coronavirus outbreak in your city (Emergency)
- COVID-19
These phishing emails may look like they come from a trustworthy source, such as the World Health Organization (WHO) or an individual with “Dr.” in their title, etc. These phishing emails may contain links to a fake email login page or may have attachments with malware or ransomware. These attachments could be named something like coronavirus- or COVID-19- or even “President discusses budget savings due to coronavirus with Cabinet.”
If you receive one of these emails do not click on links or open attachments. Take a screenshot, if possible and send it to Information Systems at anthony.muto@jordandistrict.org