COVID-19 scams and phishing messages

Overview

The University of Idaho has observed an increase in COVID-19/Coronavirus themed spam, scam, and phishing messages sent to university recipients. Messages may pretend to offer information about the virus but link to malicious websites or ask for money. Exercise caution when reviewing messages related to the Coronavirus. Information should be obtained from reputable sources, such as the CDC or official university communications, to avoid scams and phishing attacks.

For additional information on avoiding COVID-19 scams, please see:
https://www.us-cert.gov/ncas/current-activity/2020/03/06/defending-against-covid-19-cyber-scams
https://www.ic3.gov/media/2020/200320.aspx

Current Trends

Phishing messages purportedly offering new schedules for the Fall semester have been observed. The messages link to a Microsoft OneDrive or Google Drive document, which contains additional links to web pages asking for your password. A sample phish is shown here:

Phish pretending to offer new schedule information.

 

The FBI reports cyber criminals are sending phishing messages claiming to offer information on an employee's pending termination. The messages may include a link to a supposed videoconferencing meeting with HR or the employee's supervisor to discuss possible job loss. Such emails are phishing messages, and clicking their links may take you to a fake login page or download malware to your computer. See "How should I report a suspicious message?" for steps on reporting a suspicious message.
https://www.waterisac.org/system/files/articles/FakeTermination_PIN_FINAL.pdf

Advanced threat actors are reportedly targeting research organizations. Information related to COVID-19/Coronavirus vaccines, treatments, and tests appears to be the primary data targeted. Higher education institutions and associated individuals should remain vigilant for any hacking or social engineering attempts. See "How should I report a suspicious message?" for steps on reporting suspicious computer or account activity.
https://www.fbi.gov/news/pressrel/press-releases/peoples-republic-of-china-prc-targeting-of-covid-19-research-organizations

Where should I watch for scams?

Scammers may send COVID-19 themed scams and attacks through a variety of channels, including but not limited to:

  • Phishing
  • Vishing
  • Physical Mail

Phishing

A phish is a malicious email message. A phishing message could include a virus-infected attachment or a link to a fake login webpage designed to trick you into entering your credentials. Be wary of email messages using themes related to the COVID-19 pandemic, including but not limited to:

  • COVID-19 health or virus updates
  • Medical supply sales
  • Government stimulus payment
  • Remote work software like Zoom or WebEx

For more information, please see "What is phishing?"

Vishing

Vishing refers to scams conducted via a phone call. A caller stating that you have a fine from the IRS and need to provide your Social Security Number would be an example of a vishing attack. Be wary of unsolicited phone calls, especially any claiming information about COVID-19.

Physical Mail

Scammers still send scam messages through traditional physical mail. Letters and cards asking for prompt action should be checked to confirm that they come from a valid sender and are not junk mail.

How do I report a suspicious message?

You can report suspicious emails using the Report Phish button. For more information, please see "How do I report a phishing message?"

To report other forms of suspicious communication or activity, please contact security@uidaho.edu.

Has the U of I seen any COVID-19 phishing messages?

Yes! A sample COVID-19 phishing message received by the U of I is shown below. The message has several suspicious indicators:

  • The sender email address ("splashmath.com") is unrelated to the World Health Organization (WHO).
  • The subject ("HIGH-RISK") attempts to shock the recipient into taking quick action.
  • The body is short on details and simply references "your city".

Sample phishing message with coronavirus theme
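
The three indicators listed above can be written as simple mail-filter heuristics. The following is an added example, not part of the original article or any U of I tooling; the keyword lists, the `who.int` mapping, the function names and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: organization names a sender may claim, mapped to their real domain.
KNOWN_ORGS = {"world health organization": "who.int"}
URGENT = re.compile(r"\b(high[- ]risk|urgent|immediately|act now)\b", re.I)
VAGUE = re.compile(r"\byour (city|area|region)\b", re.I)

def body_text(msg):
    # Join the decoded text/plain parts (works for single-part and multipart mail).
    out = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            out.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(out)

def phish_indicators(raw_message):
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    found = []
    # 1. Display name claims an organization the address domain does not belong to.
    for org, real in KNOWN_ORGS.items():
        if org in display.lower() and domain != real and not domain.endswith("." + real):
            found.append("sender-domain-mismatch")
    # 2. Subject line pushes the recipient toward quick action.
    if URGENT.search(msg.get("Subject", "")):
        found.append("urgent-subject")
    # 3. Short body that stays generic instead of naming a place.
    body = body_text(msg)
    if VAGUE.search(body) and len(body.split()) < 60:
        found.append("vague-body")
    return found

# Constructed samples (not the message the U of I received).
SUSPICIOUS = """\
From: "World Health Organization" <noreply@splashmath.com>
Subject: HIGH-RISK: new cases

New cases have been confirmed in your city. See the attached notice.
"""
LEGITIMATE = """\
From: "World Health Organization" <media@who.int>
Subject: Weekly situation report

The weekly report is available on the WHO website.
"""
```

Calling `phish_indicators(SUSPICIOUS)` returns all three indicator labels, while `phish_indicators(LEGITIMATE)` returns an empty list. Heuristics like these only prioritize messages for review; they do not replace reporting a suspicious message.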

The University of Idaho has received a variety of malicious messages related to the pandemic and other current events. A few selected examples are shown below:

Phishing Messages

Healthcare gift card scam:

Hospice gift card scam

 

Stimulus payment phish:

Stimulus payment phish

COVID-19 phish:

Sample covid phish

 

Covid 19 themed phish email

 

Coronavirus themed phishing message

Coronavirus themed phishing message

Spam Messages

Coronavirus themed spam message

Coronavirus themed spam message

Details

Article ID: 1596
Created: Mon 3/16/20 3:13 PM
Modified: Wed 8/5/20 3:59 PM