With COVID-19 Outbreak changing the situation so drastically for everyone, it is likely to create opportunities for cybercriminals to exploit as well, with so many people working from home.
OMAG wants to keep our cities and towns safe while so many of their workers may be working remotely from the IT staff they have come to rely upon in their offices.
Some specific warnings for avoiding phishing attempts that attempt to take advantage of the crisis related to the COVID-19 Pandemic:
Be very cautious of emails that sound like they are talking about special government assistance programs related to Coronavirus.
It’s very easy for a phisher to mention some legitimate news story, or a bill passing congress, or a school closing, to try to entice a user to click on a link.
Any email purporting to link to some website where you need to register to receive a benefit is probably the first and foremost concern and should be treated with great caution.
If you get an email telling you that you need to register for a website to receive a state government, the federal government, or insurance benefit, then please forward it to ITSupport@omag.org and let us look at it first.
OMAG will then have the ability to forward it to a phishing email registry operated by KnowBe4, for them to judge whether it matches a pattern of phishing attempts that they have detected.
Also, when you are working from home, you may be more susceptible than normal to an illegitimate robocall claiming that you need to do something to keep your access to your VPN, O365 Email, Cox internet, or AT&T Wireless internet access, etc.
Because an employee may be likely to worry that they could suddenly be without their internet access and be unable to reach out to their company IT staff for help. So they might feel desperate and click on the link or agree to talk to the scammer who is threatening to cut them off of their service.
This week one of our IT staff has even received a robocall on his cell phone saying that some suspicious activity had been detected on his “AT&T Wireless” account and advised him to stay on the line to speak to a representative because his AT&T account was “being investigated”.
The staff member does not use AT&T for his mobile phone, so he had an immediate clue that it was a scam. But the fact that the robocall used such loaded language as saying the account was being investigated is a red flag and the kind of threatening behavior that a legitimate call would never use.
Any legitimate communications from your cell phone or internet service provider will come through your mail or email, and they will never ask you for your password.
If you have any questions about something you receive via email or over the phone while doing work from home, we advise forward the concerning email to the local IT staff at your city or town and warn other staff at your city about any suspicious phone calls you might get.
OMAG is happy to offer whatever assistance we can to our cities during these times.
Stay healthy, stay at home if you can, and trust your IT staff to help you stay online.
This posting was prompted by an article on The Hill that was sent around at OMAG, and it is linked below for further reading:
