As the COVID-19 pandemic continues, global interest to obtain the latest information on the virus remains. Unfortunately, this makes online resources regarding the pandemic a suitable playground for cyber criminals. Malicious activity can be present in all forms of communication such as emails, social media, text messages, and websites.
Fake websites promising up to date information regarding COVID-19 will try to lure you in to entering personal information. Similarly, phishing emails will try to lower your guard by using key words like "Vaccine" or impersonating trustworthy organizations like the CDC. Urging you to take quick action, or requesting information needed to review an attachment or click a link are common behaviors of phishing emails. Remember to never open any link or attachment from online sources that you do not trust and always check the senders email address. Email addresses can be masked by their display name, always click on the display name to reveal the email address, if the domain is not related to company send it to the trash!
Other malicious activity to look out for are unemployment scams and fraudulent charities. With tax season approaching and unemployment claims on the rise due to the pandemic, scams surrounding unemployment benefits have also increased. Additionally, fake websites may seek charities for illegitimate or non-existent organizations. Threat actors will not hesitate to take advantage of anyone during troubling times like these, so please conduct thorough research before donating to any charities or providing information.
To help reduce risk and best protect yourself against cyber-attacks, avoid connecting your personal devices to any public internet, never give out your personal or banking information online. Ensure all of the information you are consuming is from a reliable source, such as the CDC or local government regarding the pandemic.
If you believe you have revealed sensitive information to a scammer, such as, your banking information, contact your bank immediately and change any passwords that were compromised. If you use the same password for multiple accounts change those also as scammers will normally try them on other popular websites.