It is pretty well known that you shouldn’t click on links in emails or what you find on social media. However, especially now when we are looking for the latest info about COVID-19, it is hard not to.
In one day alone in early March, registration for sites with “corona”, “covid”, or “vaccine” was over 800! Some were real sites, but some were not.
This comes from a colleague that subscribes to the same Awareness and Training discussion group I joined. Here is Cathy Click’s examination of one email:
“I have been researching phishing campaigns related to COVID19 and how team members are reacting to them. It surprised me at first that the campaigns are small, most under 100 emails sent, and single digit delivery the bulk. Today I dove into one in particular.
The email went to one person. This person lives in Illinois. On March 20 the governor of Illinois announced stay-at-home for the state. Within hours of the announcement an email was sent to that one person in Illinois, with a link to detailed information on the stay-at-home order. Granted, she missed several red flags, the biggest being a notice that the email came from an external sender, although I am not sure if she recognized the sender’s name. The domain on the link included https://xxxcovid19xxxx.com/ and ended with governor-issues-stay-at-home-order-for-illinois-except-for-essential-needs.
The link was fine for the first couple of days and then was weaponized by March 23. In the meantime the employee shared the link with 28 other people. All 28 clicked on the link. 26 before weaponization and 2 following. No one was infected, our filtering system shut off access to the link when the site became infected.”
Criminals are feeding on the need for information and using the tendency to share news with others for their gain. Be cautious of clicking on any link with “covid”, “corona” or “vaccine” in first part of the URL. Best place to start? Our own webpage, https://uthsc.edu/coronavirus/index.php.
Please note that “corona” is AFTER our web address of uthsc.edu.
Stay safe everyone!