Cyber-criminals are using the current Covid-19 pandemic to help with their phishing scams. We encourage everyone to be extra vigilant when opening emails and clicking links within them.
Some helpful hints:
- Don’t be taken in by the sender’s name. Scammers can put any name they like in the “from” field.
- Look out for spelling and grammatical errors. Not all crooks make mistakes, but many do. Take extra time to review messages for telltale signs that they’re fraudulent.
- Check the URL before you type it in or click a link. If the website you land on doesn’t look right, steer clear.
- Never enter data that a website shouldn’t be asking for. A site that’s open to the public, such as the CDC or WHO, will never ask for your login credentials.
- If you realize you just revealed your password to impostors, change it as soon as possible. The crooks try to use stolen passwords immediately, so the sooner you change your password, the more likely you are to stop them for doing anything malicious.
At first glance, the sender’s email address appears to be legitimate, for example cdc-gov.org or cdcgov.org. The criminals create domains that are very close to the real CDC site — cdc.gov. Even though the link looks like it will take you to a CDC.gov website about the Corona virus, it will not. More than likely, you will land on a fake Microsoft Outlook login page, created by criminals to steal user names and passwords, which they control.
There is no reason to provide login credentials to visit a public website, such as the CDC.