Introduction
Malicious actors are currently using the Coronavirus as a topic for sending phishing emails, spreading malware, and offering fraudulent monetary grants. These criminals may send an email claiming to be from legitimate organizations with information about the coronavirus, or one that might ask you to open an attachment to see the latest statistics. If you click on the attachment or embedded link, you’re likely to download malicious software onto your device or be directed to a fake login page that harvests your credentials. Attackers have already tricked users into downloading a fake Coronavirus map that installs malware on the victim's device. Fraudulent grants related to the pandemic are being offered to convince users to pay for a "processing fee" or to perpetuate identity theft.
Information
1. Be very careful of any email related to the Coronavirus that appears to be a CDC alert, health advice, or something that might even look like it's from ISU.
2. If you want information on coronavirus, rather than clicking on a link in an email you did not request, our advice is to go directly to the cdc website: www.cdc.gov
3. And, as always, practice good email safety tactics:
-
Always check the sender's address at the top of the email. Do not just look at the sender's name. If the sender address doesn’t match the sender name, or looks suspicious in any way, close the email and send it to stop-spoofing@indstate.edu
Example: Sender name is “Sycamore Sam” but the sender email address is “sender123nooneyouknow@gmail.com” or "sycamoresamisu@gmail.com" instead of "sycamore.sam@indstate.edu".
- Avoid emails that insist that you act with urgency or immediate action.
- No one will ever reach out to you via social media offering a pandemic-related grant or funding.
- Avoid clicking on links that can direct you to a malicious website. To check the website, hover your mouse over the link. If it looks like the address is not an official website for the organization that sent you the email, close the email and send it to stop-spoofing@indstate.edu.