Staying Cyber-Safe During the COVID-19 Pandemic
As the world continues to grapple with our current environment of remote work, social distancing, and self-quarantine, cyber threat actors are actively using this pandemic to their advantage. There has been an increased amount of COVID-19 related scams, phishing emails, and other computer-based attacks as the pandemic continues to impact our day-to-day life. COVID-19 related phishing emails are using the following lures in the subject line and/or body of the email to get your attention:
- COVID-19 heat maps
- Stimulus payments
- Loan extensions and/or forgiveness plans
- Family, friend or co-worker who tested positive for COVID-19
- COVID-19 test kits
- Spoofed (fake) messages from the Centers for Disease Control (CDC) and World Health Organization (WHO)
- Fake domains (websites) selling medical supplies, toilet paper, paper towels and cleaning supplies
Cyber threat actors will continue to capitalize on people’s fears by using the aforementioned topics, thus proper cyber hygiene is important. Best practices for protecting yourself from phishing emails and other cyber scams or attacks include the following:
- Ensure your computer, tablet, phone or device is up to date with the latest software
- Install/update anti-virus software where possible
- Enable Two-Factor Authentication where possible (highly recommended)
- Use a password manager (highly recommended)
- Do not open emails from people you don’t know
- Do not click on links or open attachments from senders you don’t know or were not expecting an email from
- Do not trust the sender’s display name - always look for the actual email address of the sender
- Do not reveal personal information through email, especially passwords
- Trust your gut - if it looks strange or suspicious, it probably is (bad spelling, urgent verbiage, threatening language, etc.)
Lastly, if you are looking for accurate and reliable updates related to COVID-19, you can visit cdc.gov and coronavirus.gov, both of which have been recognized by the FBI as the “best sources for authoritative information.”
Provided below are other trusted sites where you can get legitimate COVID-19 related updates, as well as additional resources for staying safe online. Please read and share, as awareness and education are the best tools for protecting yourself from cyber attacks.
Helpful Links and Sources
- DHS Guidance for Phishing, 2FA, Password Managers, and other relevant cyber security topics
- FBI Public Service Announcement regarding COVID-19 fraud schemes
- How to Recognize and Avoid Phishing Scams | FTC
- Spam and Phishing Guidance from StaySafeOnline
- Coronavirus Disease 2019 (COVID-19) | CDC
- Coronavirus Disease 2019 (COVID-19) | WHO
- Coronavirus Disease 2019 COVID-19 Map - Johns Hopkins Coronavirus Resource Center
About the Author
James Yarnall '07, a Delaware Valley University criminal justice alumnus, is a seasoned cyber security operator, specializing in defensive cyber operations. He is currently the director of cyber security operations and intelligence at Freddie Mac in Washington, D.C. Yarnall serves on multiple advisory boards to include the Delaware Valley Alumni Council.