Defending Against COVID-19 Cyber Scams

The Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.

CISA encourages individuals to remain vigilant and take the following precautions.

• Avoid clicking on links in unsolicited emails and be wary of email attachments. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.
• Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.
• Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.
• Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
• Review CISA Insights on Risk Management for COVID-19 for more information.

CYBERSECURITY RESOURCES FOR COVID-19

• The CISA Insights: Risk Management for Novel Coronavirus (COVID-19) provides executives a tool to help them think through physical, supply chain, and cybersecurity issues that may arise from the spread of Novel Coronavirus, or COVID-19.
• On March 6, 2020 CISA released an alert reminding individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19).
• On March 13, 2020, CISA released an alert encouraging organizations to adopt a heightened state of cybersecurity when considering alternate workplace options for their employees.
• CISA’s updated  TIC 3.0 Interim Telework Guidance, released  April 8, focuses on remote federal employees connecting to private agency networks and cloud environments in a secure manner.
• An April 8 Joint CISA/UK cyber alert details  how  cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organizations with a range of ransomware and malware. The alert includes indicators of compromise (IOCs) for detection, and guidance for organizations and individuals on how to decrease the risk of cyberattacks.

COVID-19 Disinformation

There is a lot of disinformation on the internet about COVID-19. CISA has created a COVID-19 Disinformation Toolkit. It includes talking points, FAQs, outreach graphics, and posters to help spread awareness.

COVID-19 Cyber Security News