April 25, 2021
Practice Social Distancing from a New Wave of COVID Phishing Attacks
Be vigilant and follow these cybersecurity tips!
Just as the coronavirus was deemed a national crisis, the number of phishing campaigns and related domains tied to the pandemic drastically spiked. By late May 2020, a large number of these phishing attacks died off, but new reports from various cybersecurity platforms and researchers show that threat actors are continuing to prey on fears surrounding the COVID-19 pandemic and attacks have surged in the past few months.
Unit 42 (the Palo Alto Networks threat intelligence team), says it found that vaccine-related phishing attacks rose by 530% from December 2020 to February 2021.
Most of these lures, said the firm, were attempting to steal users’ “business credentials.” For example, a phishing site set up in late 2020 posed as a corporate presence for BioNTech and Pfizer, the vaccine makers, asking users to log in with Office 365 credentials in order to register for a vaccination.
In addition, The Department of Justice has warned of a “new wave of COVID-19 scams” amid the ongoing second round of stimulus payments being delivered to Americans.
In a statement last month, the department said, “In the last several months, IRS-CI (Internal Revenue Service Criminal Investigation) has seen a variety of Economic Impact Payment (EIP) (stimulus payment) scams and other financial schemes designed to steal money and personal information from taxpayers.”
As always, you should practice good phishing prevention skills by looking for red flags in any email you receive, including COVID related emails.
These include emails with suspicious links or attachments, plus:
- Messages or phone calls with an urgent tone – They ask you to reveal your account password or other confidential information and hope you won’t stop to think about it.
- An unofficial or unusual “From” address – This is a sender’s email address that is similar to, but not the same as, an official company email address.
- A message marked with “Urgent action required” – Phishing often includes urgent “calls to action” to try to get you to react immediately.
- A generic greeting – Fraudsters who send thousands of phishing emails at one time may have your email address, but they will not always have your name.
- A link to a fake website –Phishing emails usually include a link to a fraudulent website that is formatted to look similar to the sign-in page of a legitimate website.
In today’s world, misinformation and scams are everywhere. Ensure you only utilize official sources and websites to keep yourself informed.
COVID Vaccine
If you are interested in learning more about when you may be eligible for the COVID vaccine or where to register to receive it, please reference the lookup tool from the CDC here: https://www.cdc.gov/vaccines/covid-19/index.html
Stimulus Checks
If you want to learn more about if you qualify for and when to expect the most recent stimulus checks included in the latest COVID relief bill, please reference the following:
- Information: https://www.irs.gov/coronavirus/economic-impact-payment-information-center
- Payment Status: https://www.irs.gov/coronavirus/get-my-payment
Thank you for continuing to be vigilant in keeping yourself and National Life Group secure.
