COVID-related phishing scams on the rise

Last Updated: 06/29/2020

The Federal Trade Commission (FTC) and the FBI Cyber Division recently released alerts warning people of COVID-related scams. 

According to the FBI, cybercriminals are targeting employees with fake termination phishing emails and video conferencing invitations as a result of COVID-19 downsizing. Emails contain malicious links and ask victims to provide personal information. Messages and meeting notices may include vague, attention-grabbing subject lines such as, “Termination Review Meeting.” 

text screenIn addition, the FTC issued a warning on text message scams where scammers pretend to be the department of public health alerting you that you’ve been in contact with someone who tested positive for COVID-19 via text message (example pictured right). In the message, there’s a fraudulent link. Clicking that link will download software where scammers could access personal and financial information. 

Please be wary of any COVID related emails and text messages from unknown sources. Do not click on any links where you are unsure of the sender. If you have clicked on a similar link before and provided information, you should contact your service provider immediately.

Helpful tips:

  • Do not provide your username, password, or any personal information requested by unsolicited email or phone call. (CU will never ask you for your username or password.)
  • Be wary of email links or attachments, unless you are positive the content is safe.
  • Don't react to tactics aimed to scare you into taking urgent action, including threats of a lawsuit, a computer full of viruses, locked accounts, or opportunities to earn or save money now.
  • Legitimate companies and service providers will provide a way for you to contact them directly. If you’re uncertain, you can learn more by researching them online.
  • Emails from a university leader asking you to make an urgent wire transfer or buy gift cards are likely to be scams.
  • No one from your campus IT department is going to call to inform you about a computer virus and ask for your passwords.
  • Government agencies will not call and threaten you, or make demands for payment in the form of gift cards.

For more information on phishing, please visit OIT's Security Awareness - Phishing page.