Just wanted to share that my company is seeing a lot of Phishing Scams related to this pandemic. People sending emails that say stuff like, "you have been exposed to Corona Virus" please fill out the attached document and take it with you to the emergency room.
They want you to infect your machine or supply information with that document.
Remind co-workers, friends and family, especially the elderly that very little real notifications come in via email and text that has attachments that have to be completed. These are virtually all bad news.
If you think it may be real then go to the website for the company yourself. DO NOT FOLLOW EMAIL LINKS, as they can lead to imposter sites that look real. Then contact them if what you recieved is real or not.
Amazing that these jerks use this situation to pray on even more people.
Doesn't your company have Spam filters to prevent those type of emails?
Crooks use whatever opportunities to enrich themselves at the expense of the victims. No morals or ethics.
Yep 3 levels of them actually at the cloud server on the network appliance and on the workstations. However a lot of the new ones are not blacklisted by anyone yet so they make it in randomly. Luckily most of our workers are fairly on top of this. We have had in the past though people that have opened junk right out of the spam folder. If you know of a fool proof way to stop it, I am all ears! Unfortunately much of the time IT Pros can only play catch up to the bad guys.
I would also guess that with the shear number of valid Covid 19 emails that are essential to go out right now from basically anyone you have ever dealt with electronically, that the filters are likely set pretty liberally right now in the cloud. That is where most of our stuff usually gets blocked. Far more than our local rules. Most of them work of content recognition in the emails not just recognizing a problem attachment. You set that too aggressive and you start blocking legit emails too.
It just sucks that people can't be decent enough to not try and profit from a situation like this.
Sadly there's no way to prevent morons from being morons. My company sent out a company wide email again advising us about the Covid-19 phishing emails and such, and some moron actually opened one and compromised his system, though luckily our IT department was proactive and had already blocked all traffic outside the whitelist, as all traffic is routed through our own VPN. That's about the only way I can think to prevent it.
Unfortunately the truth is when it comes to malware the best prevention is just having people who remember to use safe practices and don't open attachments from people you don't know or from ones you do that you are not expecting something. Our CSR's are told to call customers and verify they sent email with attachments if we don't already know it is coming. My traffic all comes into our VPN tunnel too, however we don't have a local exchange server and the emails come from the cloud encrypted so the network appliance doesn't do much. We have a decent Sonic Wall device but I wish we had the resources to have way better setup. So basically when it comes to email it is down to the cloud, local rules and and black lists. We have such an influx of new customers all the time that white listing just had not been practical for our operation. However if this stuff escalates more it is a very good idea to whitelist, so thanks for the idea, and may prove the only way to further help things. Luckily so far we have not had an issue other than receiving a few of them. I just wanted to remind people and more so have the educated users in these forums remind people they know to be way more vigilant right now.
Yes ransomeware is about the scariest thing going. I started using encrypted local backups of this a few years ago just before the wanna cry outbreak. I had also just installed a couple levels of works station protection as well. I was very thankful I had just been to a security seminar talking about this right before and it seemed like something to take very seriously. I was very glad I had taken immediate actions. With all the people we have working remotely right now I have never been more worried about getting a local attack.
Another good time to plug the software I use, Macrium Reflect. It's a disk imager like Acronis. I use the free version which lacks the ability to do incremental backups and encryption, but it can still do differential backups. A good choice if you already use full disk encryption on your destination drives.