EPC COVID-19 Task Force - Newsletter Vol 1 · 2020-06-03

PRIVACY NEWSLETTER
As Part of Edelson PC's COVID-19 Task Force
MARCH 24, 2020  VOL. 1

IN THIS ISSUE
A MESSAGE TO THE COMMUNITY
PROTECTING YOURSELF AGAINST COVID-19 ONLINE THREATS AND SCAMS

A Message to the Community

As COVID-19 continues to have an impact on the world, we understand this is a challenging time for everyone. In order to practice social isolation, many people are struggling to quickly adapt to new technologies for work as well as to remotely keep in contact with friends and family.

Unfortunately, this increased online presence has presented even more opportunities for malicious individuals to target people with new online threats and scams.

The inaugural issue of this newsletter will provide tips for avoiding these new schemes as well as general tips to stay safe online.

Learn more about our efforts to help consumers and the community during the COVID-19 pandemic at: https://edelson.com/covid-19-task-force

Together, we'll stay strong.

Protecting Yourself Against COVID-19 Online Threats and Scams

Our firm employs in-house technology experts who investigate security and privacy abuses to protect consumers. These same experts have provided tips on how to protect yourself against threats specifically related to COVID-19.

1. Social Engineering

Social engineering is the art of manipulating people into giving up confidential information or taking an action. The main types of social engineering generally occur either via email (phishing) or by voice on the phone (vishing). Some phishing schemes are broad and wide in order to affect as many people as possible. Narrow, targeted phishing emails aimed at specific people or groups are called spear phishing. The main goal of phishing is to convince a person to either:

- Reply to an email and provide confidential information
- Click on a link that leads to a malicious website
- Open a malicious attachment

Verify the Sender Before Replying

The email below is a good example of a potential COVID-19 phishing scheme purportedly from "CDC.gov." Here, the attacker set the sender's display name to CDC.gov but used a sender email address at cdcgov.com, a look-alike of the real cdc.gov domain that the attacker controls and therefore receives the replies to.

The attacker could also have forged the sender address to use the legitimate cdc.gov domain, but then replies would go to the real CDC rather than to the attacker (unless the message also carries a Reply-To header pointing at a domain the attacker controls, so check that address as well as the From address). Without a reply path, the attacker relies more on the victim clicking a malicious link or opening an attachment.

Therefore, err on the side of caution, and avoid replying to any email that asks for sensitive information unless you have verified the request was real via the organization's phone number listed on its website. Avoid using a phone number listed in the email to call for verification.

Don't Click on Links Blindly

Be very careful when receiving a suspicious email that wants you to click on a link. Attackers often embed malicious links in emails that either:

- Lead to a fake login page that captures your email address and password for Gmail, your bank, etc.
- Lead to a malicious server that will try to infect your device with malware.

The example email wants you to click on the link to order a COVID-19 testing kit. At first glance, the link looks legitimate and appears to lead to cdc.gov. However, clicking on this link would actually lead to cdcgov.com (which is controlled by the attacker and is not a legitimate CDC site).

Illegitimate Domain

Luckily, most email software allows you to see the actual destination of a link by hovering over it with your mouse. If you don't see the destination when hovering, another tip is to copy the link address (right-click the link and copy it, rather than clicking it) and paste it into a notes app to read it.

You can also verify links in emails on your phone. On Android, simply long-press the link to see the actual destination. On an iPhone, you can also long-press, but you should turn off preview mode first as described below.

iPhone Steps to Turn Off Preview Mode

1. Long-press a known good link in an email and select "Hide preview" to turn preview mode off.
2. Now, when you see a link in an email, simply long-press the link to see the true destination. Tap somewhere else on the screen to avoid visiting the site if the destination does not match the legitimate website's domain.
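The two checks described under "Verify the Sender Before Replying" and "Don't Click on Links Blindly" (does the sender's visible name match the domain of the actual address, and does a link's visible text match where its href really points) can be automated. The Python script below is an added example and is not part of the newsletter; the two messages it inspects are constructed to resemble the newsletter's "CDC.gov" example and are not real emails. It also checks the Reply-To header, since a forged cdc.gov From address only helps the attacker if replies are routed back to a domain they control. The registrable() helper is a deliberate simplification that treats the last two DNS labels as the domain and does not handle suffixes such as .co.uk.

```python
"""Heuristic checks for three phishing tells in a raw email message.
Added example, not the newsletter's own material; both samples are constructed."""
from email import message_from_string, policy
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from urllib.parse import urlparse

# Constructed sample: display name says CDC.gov, the address is at the look-alike
# cdcgov.com, and one link shows cdc.gov in its text while its href goes to cdcgov.com.
SAMPLE_LOOKALIKE = """\
From: "CDC.gov" <alerts@cdcgov.com>
Reply-To: alerts@cdcgov.com
Subject: Order your COVID-19 testing kit
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Order a testing kit at
<a href="https://cdcgov.com/order">https://www.cdc.gov/coronavirus/testing</a></p>
<p>Guidance: <a href="https://www.cdc.gov/coronavirus">cdc.gov/coronavirus</a></p>
</body></html>
"""

# Constructed sample: From is forged as the real domain, but a Reply-To header
# routes answers to the attacker's look-alike domain.
SAMPLE_SPOOFED_FROM = """\
From: CDC <alerts@cdc.gov>
Reply-To: CDC Help Desk <support@cdcgov.com>
Subject: Confirm your details
Content-Type: text/plain; charset="utf-8"

Please reply with your full name, date of birth and insurance number.
"""


def registrable(host: str) -> str:
    """Last two DNS labels, lower-cased (www.cdc.gov -> cdc.gov).
    Simplification: multi-label public suffixes such as .co.uk are not handled."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def looks_like_domain(text: str) -> Optional[str]:
    """Registrable domain if the visible text reads like a URL or hostname, else None."""
    text = text.strip()
    if not text or " " in text:
        return None
    host = urlparse(text if "://" in text else "https://" + text).hostname
    return registrable(host) if host and "." in host else None


class _LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element in an HTML body."""

    def __init__(self) -> None:
        super().__init__()
        self.links: List[Tuple[str, str]] = []
        self._href: Optional[str] = None
        self._text: List[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text)))
            self._href = None


def phishing_indicators(raw_email: str) -> List[str]:
    """One line per mismatch found; an empty list means none of the three tells fired."""
    msg = message_from_string(raw_email, policy=policy.default)
    findings: List[str] = []

    # 1. Display name names an organisation whose domain is not the address's domain.
    sender = msg["From"].addresses[0]
    from_domain = sender.domain.lower()
    claimed = looks_like_domain(sender.display_name)
    if claimed and claimed != registrable(from_domain):
        findings.append(f"display name claims {claimed} but address is at {from_domain}")

    # 2. Replies are routed to a different domain than the one shown in From.
    if msg["Reply-To"] is not None:
        reply_domain = msg["Reply-To"].addresses[0].domain.lower()
        if registrable(reply_domain) != registrable(from_domain):
            findings.append(f"replies go to {reply_domain}, not to the From domain {from_domain}")

    # 3. Link text shows one domain while the href points at another.
    html_part = msg.get_body(preferencelist=("html",))
    if html_part is not None:
        collector = _LinkCollector()
        collector.feed(html_part.get_content())
        for href, text in collector.links:
            href_host = urlparse(href).hostname
            shown = looks_like_domain(text)
            if href_host and shown and registrable(href_host) != shown:
                findings.append(f"link text shows {shown} but points to {registrable(href_host)}")
    return findings
```

Run `phishing_indicators(SAMPLE_LOOKALIKE)` to see the display-name and link mismatches reported, and `phishing_indicators(SAMPLE_SPOOFED_FROM)` to see only the Reply-To mismatch; the benign cdc.gov link in the first sample is deliberately not flagged. These are heuristics for a human reviewer, not a filter: a link whose text is "click here" cannot be checked this way, and a message that passes all three checks can still be malicious.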

Avoid Opening Attachments Blindly

Be especially careful not to open any attachments in an email unless you are absolutely sure who the sender is. Many malicious attachments carry malware that will often disable your antivirus software in order to download additional malware such as a keylogger. A keylogger captures the credentials you type into various websites and sends them to the attacker. Our example phishing email contains the malicious PDF attachment shown below:

Common COVID-19 Phishing Schemes

Some COVID-19 related phishing schemes to avoid are:

- Emails claiming to be from the CDC, the WHO, or other health agencies
- Any email or online offer for a COVID-19 vaccination or other "cure"
- An email claiming to be from your employer or school relating to COVID-19

The following are examples of COVID-19 phishing attempts as reported by the U.S. Department of Health and Human Services:

Be Suspicious of Phone Calls or Visits Related to COVID-19

Common voice-based social engineering campaigns (vishing) generally begin with a pre-recorded message that prompts the victim to call a toll-free number. These calls are generally answered by an interactive voice response (IVR) system or a live operator that attempts to induce the victim to provide sensitive information that can later be used for identity theft. Other vishing methods include a text message or a live person calling. Some people have also reported scammers showing up at their home with fake test kits for sale.

Common phone or visit based schemes include:

- The IRS or Social Security Administration requesting money or information
- Anyone that asks for a gift card
- A local or federal law enforcement agency claiming you will be arrested if you don't pay a fine
- You have been selected for a cruise, prize, etc.
- A pretend call from your bank, work, a utility company, or a school

The following are examples of phone based scams related to COVID-19:

2. Fake COVID-19 Trackers

Johns Hopkins University designed a popular COVID-19 tracker which details the total infections, deaths, and recoveries in each country. Attackers have recently started creating several fake variants of the Johns Hopkins tracker with the goal of installing spyware on the victim's computer or mobile device.

In order to access the legitimate tracker, you can visit: https://coronavirus.jhu.edu/map.html

Avoid the following:

- Interacting with any emails that claim to have a link or attachment to the tracker
- Installing any mobile apps that claim to be a COVID-19 tracker
- Visiting any suspicious website that claims to be a COVID-19 tracker. A few other legitimate trackers include:
  https://covidtracking.com
  https://ncov2019.live

3. Disinformation Campaigns

Several media outlets have reported that a European Union database has recorded roughly 80 cases of disinformation regarding COVID-19 so far. The campaigns are designed to generate panic and cause distrust by falsely claiming that the Coronavirus is a biological weapon created by the West.

The U.S. Government has also alleged that foreign disinformation campaigns are attempting to spread fear by making false claims that U.S. service members created and are spreading the virus, as well as by stoking fears of a nationwide military quarantine. Please keep in mind that it is very easy for attackers to create fake social media accounts in order to spread false information. Social media companies have processes in place to try to detect these campaigns, but many slip through the cracks. Avoid blindly trusting what is posted online and instead refer to the websites of world, national, state, and local health and government organizations to receive accurate updates regarding COVID-19.

4. Other General Security Tips

The following are other general tips to ensure you are staying safe online, not only during COVID-19, but in general as well.

- Use 2-factor authentication for your bank, email, and other accounts that contain sensitive or financial information
- Use a password manager to set individual strong and unique passwords for each site that you use*
- Change the default passwords on your router, webcams, and any other IoT devices in your home
- Avoid using sites that are not encrypted (plain HTTP); use HTTPS sites instead, or a VPN
- Be aware that malware is often contained in software downloads, browser extensions, toolbars, and mobile apps from non-reputable sources
- Lock your device when not in use, and use full disk encryption on devices that contain sensitive information**

* You then only have to remember your single master password.

** Turn any computer with full disk encryption completely off before traveling or leaving it unattended for an extended period of time. Otherwise, attackers can potentially grab the decryption key from the RAM of a computer that is running or in sleep mode in order to access your files.

Attorney Advertising Material - 350 N. LaSalle St. 14th Floor, Chicago, IL 60654