cancel
Showing results for 
Search instead for 
Did you mean: 

General Discussions

Highlighted
Big Boss
Big Boss

Covid 19 and Phishing Scams

Just wanted to share that my company is seeing a lot of Phishing Scams related to this pandemic. People sending emails that say stuff like, "you have been exposed to Corona Virus" please fill out the attached document and take it with you to the emergency room. 

They want you to infect your machine or supply information with that document. 

Remind co-workers, friends and family, especially the elderly that very little real notifications come in via email and text that has attachments that have to be completed. These are virtually all bad news. 

If you think it may be real then go to the website for the company yourself. DO NOT FOLLOW EMAIL LINKS, as they can lead to imposter sites that look real.  Then contact them if what you recieved is real or not. 

Amazing that these jerks use this situation to pray on even more people. 

0 Kudos
19 Replies
Highlighted
Esteemed Contributor III

Re: Covid 19 and Phishing Scams

Doesn't your company have Spam filters to prevent those type of emails?

Crooks use whatever opportunities to enrich themselves at the expense of the victims. No morals or ethics.

0 Kudos
Highlighted
Big Boss
Big Boss

Re: Covid 19 and Phishing Scams

I have seen spam galore from Appspot which Google runs and seems indifferent to the scams from them

makes google the king of spam

0 Kudos
Highlighted
Big Boss
Big Boss

Re: Covid 19 and Phishing Scams

Yep 3 levels of them actually at the cloud server on the network appliance and on the workstations. However a lot of the new ones are not blacklisted by anyone yet so they make it in randomly. Luckily most of our workers are fairly on top of this. We have had in the past though people that have opened junk right out of the spam folder. If you know of a fool proof way to stop it, I am all ears! Unfortunately much of the time IT Pros can only play catch up to the bad guys. 

0 Kudos
Highlighted
Big Boss
Big Boss

Re: Covid 19 and Phishing Scams

I would also guess that with the shear number of valid Covid 19 emails that are essential to go out right now from basically anyone you have ever dealt with electronically, that the filters are likely set pretty liberally right now in the cloud. That is where most of our stuff usually gets blocked. Far more than our local rules.  Most of them work of content recognition in the emails not just recognizing a problem attachment. You set that too aggressive and you start blocking legit emails too. 

It just sucks that people can't be decent enough to not try and profit from a situation like this.  

0 Kudos
Highlighted
Esteemed Contributor III

Re: Covid 19 and Phishing Scams

Sadly there's no way to prevent morons from being morons. My company sent out a company wide email again advising us about the Covid-19 phishing emails and such, and some moron actually opened one and compromised his system, though luckily our IT department was proactive and had already blocked all traffic outside the whitelist, as all traffic is routed through our own VPN. That's about the only way I can think to prevent it.

Highlighted
Big Boss
Big Boss

Re: Covid 19 and Phishing Scams

Unfortunately the truth is when it comes to malware the best prevention is just having people who remember to use safe practices and don't open attachments from people you don't know or from ones you do that you are not expecting something. Our CSR's are told to call customers and verify they sent email with attachments if we don't already know it is coming. My traffic all comes into our VPN tunnel too, however we don't have a local exchange server and the emails come from the cloud encrypted so the network appliance doesn't do much. We have a decent Sonic Wall device but I wish we had the resources to have way better setup. So basically when it comes to email it is down to the cloud, local rules and and black lists. We have such an influx of new customers all the time that white listing just had not been practical for our operation. However if this stuff escalates more it is a very good idea to whitelist, so thanks for the idea, and may prove the only way to further help things. Luckily so far we have not had an issue other than receiving a few of them. I just wanted to remind people and more so have the educated users in these forums remind people they know to be way more vigilant right now. 

0 Kudos
Highlighted
Big Boss
Big Boss

Re: Covid 19 and Phishing Scams

I have noted that many phishing efforts are distributing ransomware.

This seems to be the way many companies are penetrated and hacked to death.

0 Kudos
Highlighted
Big Boss
Big Boss

Re: Covid 19 and Phishing Scams

Yes ransomeware is about the scariest thing going. I started using encrypted local backups of this a few years ago just before the wanna cry outbreak. I had also just installed a couple levels of works station protection as well. I was very thankful I had just been to a security seminar talking about this right before and it seemed like something to take very seriously. I was very glad I had taken immediate actions. With all the people we have working remotely right now I have never been more worried about getting a local attack.

0 Kudos
Highlighted
Esteemed Contributor III

Re: Covid 19 and Phishing Scams

Another good time to plug the software I use, Macrium Reflect. It's a disk imager like Acronis. I use the free version which lacks the ability to do incremental backups and encryption, but it can still do differential backups. A good choice if you already use full disk encryption on your destination drives.

https://www.macrium.com/reflectfree

0 Kudos