We have seen a marked increase in the number of phishing attempts as people are dealing with the impact that COVID-19 is having on our lives. Unfortunately these cyber-criminals are very active, trying to take advantage of the situation.
Specifically we have seen email phishing attempts around the following topics:
- Your Online Meeting Is About To Start with body of the email that looks like MS Teams, Skype etc.
- Latest COVID-19 Updates with attachments or links to possibly infected sites
- Delivery Notifications from Amazon or other online retailers
In most cases, clicking on links or buttons within these emails will lead to login pages which then attempt to steal your user ID and passwords.
While these attempts are getting more sophisticated, there are still tell-tale signs to watch for:
- A "from" email address that doesn't look right or consistent with the brand's usual means of communication
- Spelling, grammar, or formatting issues that would be unlikely from professional organizations
- The sender does not have regular communication with you or is not a vendor you or your company uses
- An unusually light amount of detail, with just buttons or links to click
- The hyperlink target (hover over the link to view) goes to a domain that does not match the official domain of the sending company
Please be extra vigilant of these attempts - in this crisis situation, the last things you need are malware or data breaches. Even though you have antispam filters in place, it is still possible for a bad email to get through. If you are unsure of any email, it is best to click on nothing. Alternatively, confirm with the vendor/sender via phone call that the email is legitimate.
Feel free to cut and paste this content into your own email template so you can safely share it.
Stay safe, everyone,
The XBASE Team