Cybercriminals are capitalising on Coronavirus (COVID-19) to send fake emails and SMS Phishing attacks that could infect computers or lead to the theft of logins and personal information.
Key points:
- COVID-19 is being used as a phishing lure by cybercriminals
- We expect to see an increase in exploits related to COVID-19 as publicity around the virus increases
- Cybercriminals are using trusted brands, like the World Health Organization (WHO) and the U.S. Center for Disease Control & Prevention (CDC), to build credibility and entice users into opening attachments
What can you do? (Stop, Think, Click)
- Don’t click on COVID-19 related links or attachments you receive via email or messaging apps unless it’s coming from a trusted source. That includes messages to personal email providers like Gmail
- Don’t be fooled by legitimate-looking branding on messages you receive; good fakes are doing the rounds. Cybercriminals will also often use language that conveys a sense of urgency, so be alert.
- If you want COVID-19 news, use best practices by typing URLs into your web browser or using Google Search to search for sites
- Don’t put your credentials into third-party sites unless you’re 100 per cent sure you’re on the correct site
- Report any suspicious messages to ITCyberSecurityOffice@monashhealth.orgor contact IT Helpdesk on 9594 7255 (Option 1)
