Cybercriminals are capitalising on the COVID-19 pandemic by sending fraudulent emails that could infect computers or lead to the theft of account details and personal information.
Some of the attacks may include malicious software designed to block access to a computer system or computer files until a sum of money is paid.
- The Australian Cyber Security Centre (ACSC) has observed an increase in COVID-19 themed malicious cyber activity
- We expect to see an increase in exploits related to COVID-19 as publicity around the COVID-19 pandemic increases
- Cybercriminals are using trusted brands, like the World Health Organization (WHO) and U.S. Center for Disease Control & Prevention (CDC), to build credibility and & entice users into opening attachments
What can you do? (Stop, Think, Click)
- Don’t click on any COVID-19 related links or attachments you receive via email or messaging apps unless you are certain it’s coming from a trusted source. That includes messages from to personal email providers like Gmail
- Don’t be fooled by legitimate-looking branding on the messages you receive. Cybercriminals will also often use language that conveys a sense of urgency, so be alert
- If you want COVID-19 news, navigate directly to the Monash Health, Department of Health and Human Services (DHHS), WHO and CDC websites. Use best practices by typing URLs into your web browser and use Google Search to search for sites
- Never enter your credentials into third-party sites unless you’re 100% sure you’re on the correct site
- If you feel compelled to respond to an email and supply personal information, then think again, call the sender to validate their identify and request first!
- Report any suspicious messages to ITCyberSecurityOffice@monashhealth.org or contact IT Helpdesk on 9594 7255 (Option 1)
Approved by Emilio Pozo, Executive Director, Digital Health