Beware of Phishing Attacks and Disinformation

We are acting with a heightened sense of vigilance these days as we shelter in place. Here is something to be mindful of, particularly as we increase the time we spend on our computers and phones trying to stay informed and in touch with loved ones. Fraudulent activity is on the rise, particularly online. You need to be wary of communications you receive on your computers and phones and be certain that the sender and purpose of the communication are known to you before you click on any attachment or follow any link. Malicious players are looking for Personally Identifiable Information (“PII”), such as passwords, account numbers, credit card numbers, social security numbers, and the like. They also seek to infect your computers with malicious software (also known as “malware”) that is downloaded with a simple click of a mouse.

Recent Reports of Coronavirus-Related Phishing

Summitry’s information technology team informed us that coronavirus-related phishing emails containing malware are a significant problem in parts of the world hardest hit by COVID-19, and they expect it to get worse here. The principal mode of attack, “phishing,” is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal PII. Hackers prey on fear and other emotions and tempt their targets by infusing a sense of urgency into their messages or “offers.” For example, we understand the U.S. Health and Human Services Department was hacked Sunday and fake texts were sent out falsely proclaiming a national quarantine. The National Security Center has been posting clarifications and dispelling rumors through their social media platforms.

The National Security Center dispels rumors of national quarantines via social posts.

In another case, a phishing email claiming to be from the Centers for Disease Control and Prevention (CDC), offered vital information about how to prevent and treat COVID-19. For reference, the official CDC website is https://www.cdc.gov/.

6 Ways To Be Extra Vigilant

If the communication seems strange or unexpected, be particularly vigilant and careful.

• Check the sender’s email address. Are they who they claim to be? Check that their contact name matches the actual email address they’re sending from.
• Try not to click or tap! If it’s a link and you’re on a computer, hover the mouse arrow over it to closely inspect the domain address before clicking on it.
• Consider viewing coronavirus information exclusively from reputable web sites. Try initiating your search for information on Google, typing the name of your particular organization of interest and following that link rather than one contained in an email or text.
• Avoid downloading files from unfamiliar people.
• Consider these points before you click: Is it an enticing offer? Is there a sense of urgency? Have you interacted with the sender before over this platform? Be wary.
• Consider using a different medium to verify (for example, if you receive a strange email claiming to be your friend, try calling your friend over the phone to double-check that it’s from them).

It is certainly not our wish to give you another concern to deal with in these difficult times, but we think this is important for preventing something larger to be worried about. We will be hyper alert to these scams on our end as well. Please don’t hesitate to reach out with your thoughts and questions.