During this storm of COVID-19 phishing scams, the bad guys love posing as your trusted Human Resources department. One recent HR scam started with an overdramatic subject line: “COVID-19 PANDEMIC IS WITHIN, BEWARE! WARNING!!!” In a mess of run-on sentences, the email claims that some of your co-workers have tested positive for Coronavirus. Keeping with the HR theme, they ask that you do not discriminate against these people and they suggest that “everyone should rather cease panic”.
The email does not identify anyone by name, but asks you to download an attached photo of the infected employees. This attack targets your natural curiosity. Who could it be? Wasn’t Bill coughing last week? I just have to know! If you were to download the attachment, you would find that it is actually a piece of malicious software designed to quietly steal data through your organization’s network. Don’t be fooled!
Remember these tips:
- Watch for sensational words like “BEWARE” and “WARNING!!!” The bad guys want you to panic.
- Be wary of emails with spelling or grammatical errors, especially when it supposedly came from a reputable source.
- When questioning the legitimacy of an email sent from someone in your company, give them a call! One quick call could save your organization from a potential data breach.
Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team