Cyber Awareness - COVID-19
Defending Against COVID-19 Cyber Scams
SDSU IT Security Office would like to remind our community to remain vigilant for scams related to coronavirus 2019 (COVID-19). Cybercriminals will likely use COVID-19 pandemic to spread scams. They may send phishing emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
Current scams to beware of include the following:
- COVID-19 MalSpam Campaigns - Malicious spam (malspam) campaigns distributing disk image files infected with malware targeting U.S. government agencies and manufacturing companies in South Korea. The phishing emails use subject lines related to COVID-19. An example of an email containing this malware is provided here.
- COVID-19 Tax Relief. A new Trojan malware, dubbed QNodeService, promise COVID-19 victims tax relief.
- Text (Smishing) Scams. Coronavirus-related smishing continues this financial theme, particularly governments’ employment and financial support packages.
- Fake Stimulus Check. FBI warns of phishing emails asking you to verify your personal information in order to receive an economic stimulus check.
- Fake email messages about COVID-19 from the White House.
- Fake World Health Organization (WHO) "Safety Measures" Email is a phishing scam.
- Netwalker Ransomeware takes down Champaign Urbana Public Health District website via phishing.
- Secret Service Warning. The U.S. Secret Service is reporting a number of phishing scams related to the virus.
- Federal Bureau of Investigations (FBI) sees rise on fraud schemes related to COVID-19.
- Federal Trade Commission's (FTC) guidance on recognizing and avoiding phishing scams.
- U.S. Health and Human Services suffers cyber attack through SMS phishing related to a "national quarantine."
- Johns Hopkins COVID-19 Update. Microsoft is warning of an ongoing COVID-19 themed phishing campaign that starts with emails pretending to be from the Johns Hopkins Center, which is sending an update on the number of Coronavirus-related deaths there are in the United States.
- COVID-19 Tracking Maps with Malware. Attackers are circulating links to malicious websites disguised as COVID-19 maps, either on social media or through misleading emails. Opening one these sites prompts the user to install an applet that infects their device with malware that steals data such as login credentials and banking information.
- Malicious Website (coronavirusapp[.]site) claiming to have a real-time Coronavirus outbreak tracker available via an app download.
- "Masks 2 U" Twitter accounts commandered to advertise fake websites selling masks or hand sanitizers.
- Fake "COVID-19 Inform App" from the World Health Organization.
- Corona "Antivirus" Protection for your PC is malware.
- The FTC and Food and Drug Administration's (FDA) warnings of COVID-19 treatments.
SDSU and CSU COVID-19 Resources
For SDSU and CSU information, please visit these sites frequently, as they are regularly updated.
- CSU Chancellor’s Office webpage
- COVID-19 Information for the SDSU Community
- COVID-19 Reporting Form for SDSU and Auxiliary, Faculty, Staff, and Students
- Economic Crisis Response Team
- Housing COVID-19 Updates
SDSU Virtual Support Resources
- IT Support Center
- Remote Work Resources
- Virtual Instruction Resources
- Virtual Support and Resources for Students
- VPN Services
- Zoom Meeting Protection
- Zoom Meetings for HIPAA
COVID-19 Information Updates
- Johns Hopkins COVID-19 Update (Bleepingcomputer.com, 5/19/20)
- COVID-19 Tax Relief (ZDnet.com, 5/15/20)
- COVID-19 MalSpam Campaigns (ZDnet.com, 5/4/20)
- Report Details COVID-19 Phishiing Attacks Based on Emails from the White House (SecurityBoulevard.com, 4/9/20)
- "Masks 2 U" Twitter hack advertising sketchy mask website (Vice.com, 3/24/20)
- Hackers Hijack Routers' DNS to Spread Malicious COVID-19 Apps (Bleepingcomputer.com, 3/23/20)
- Fake Corona "Antivirus" Distributes BlackNET Remote Administration Tool (Malwarebytes, 3/23/20)
- Netwalker Ransomeware Infecting Users via Coronavirus Phishing (Bleepingcomputer.com, 3/21/20)
- Fake Stimulus Check Phishing Emails (U.S. Federal Bureau of Investigation, 3/20/20)
- Malicious website (coronavirusapp[.]site) (Domaintools.com, 3/16/20)
- U.S. Health and Human Services suffers cyber attack (Bloomberg, 3/16/20)
- Warning: You Must Not Download This Dangerous Coronavirus Map (Forbes, 3/11/20)
- Secret Service warns of scams, disinformation campaigns around spread of coronavirus (ABC News, 3/10/20)
- UNICEF warns of scam coronavirus messages circulating through social media (ABC News, 3/10/20)
- Coronavirus Scams: What the FTC is Doing (Federal Trade Commission)
- FTC & FDA: Warnings sent to sellers of scam Coronavirus treatments (FTC, 3/9/20)
- Coronavirus Scams Spread as Fraudsters Follow the Headlines (AARP, 3/9/20)
- Email scammers are taking advantage of coronavirus fears to impersonate health officials and trick people into giving up personal information (Business Insider, 3/9/20)
- Secret Service Issues COVID-19 (Coronavirus) Phishing Alert (U.S. Secret Service, 3/9/20)
- Here's how to avoid falling for coronavirus scams (CNN Health, 3/8/20)
- Coronavirus: 6 scams to watch out for (Yahoo Finance, 3/8/20)
- Beware of criminals pretending to be WHO (World Health Organization)
- Coronavirus fraud: UK victims lose 800,000 pounds in scams (Reuters, 3/6/20)
- WHO dubbed the ongoing flood of misinformation and scams "Infodemic" (WHO, 2/2/20)
If you feel you have received a phishing email please report it to [email protected].