COVID-19 Email Scams are Rising and are Harder to Detect. Be on Guard!
We all know we have to be vigilant on opening suspicious emails. Sadly, when it comes to COVID-19 messages, many people still take the bait and open those email messages. Here are examples of some calculating scams that are seen right now, and some suggestions on how to keep these scams out of your your data and systems.
Security training is important to make sure that your employees are not compromising your compliancy with data privacy laws or subjecting your company of a breach, and to k now how to combat the increased phishing attack danger that comes from a remote workforce.
Here are some examples of emails to watch out for:
- Attachments that contains “official information” regarding relief programs or health information from a government agency such as the CDC or WHO
The US government will not ask for any personal identifying or financial information via email. Unless you’ve requested or signed up to receive information on a subject, those messages are always a trap. Register for official relief and information efforts from the organization in question’s website directly. Also, the US government doesn’t charge “application” or “processing” fees either, so that’s another clue that it’s a scam.
- Meeting Invitations from Zoom or any other meeting platforms
Do not click to follow a Zoom or any meeting platform link invitation, especially if its not expected. If you are expecting a meeting link that you registered for, make sure you verify with the organizer before proceeding. Avoid discussing sensitive information or transmitting sensitive information via Zoom. Use waiting rooms to control meeting traffic and avoid “Zoombombing”. It’s better to over-secure your Zoom than under-secure it, no matter how inconvenient that security might be.
- Links and PDFs from DocuSign or a similar service
Most businesses are doing more business remotely, and that includes transmitting and receiving documents containing sensitive information that need to be reviewed and signed. If you receive an email about a document waiting for your review or asking for sensitive information, vet it carefully. If you’re not expecting anything like that, but a DocuSign link requesting your action shows up in your mailbox, contact the sender for verification before you open it.