COVID-19 Related Email Scams Advisory

Threat Level: Medium
Threat Type: Phishing
Advisory Date: 07/13/2023

Description

In light of growing news and concern around Coronavirus (COVID-19), scammers are launching fraudulent email and malware campaigns attempting to take advantage of COVID-19 information and support.

The University of Regina has been targeted with such scam emails. For example, emails have been received by employees with messages similar to the following:

Dear Staff
New notification ,Please due to COVID-19, all staff & Employee are expected to kindly Click PROCEED <link to malicious site> and complete the required directive to be added to March and April benefit payroll directory as compilation is ongoing and will last within 48hours.

Thank you,
Admin Department .

This and similar messages are designed to steal credentials by directing you to a website which has a fraudulent log-in portal.

Email scams operating under the guise of COVID-19 may seek to have you:

  • Open an attachment or click a link to ensure you are paid,
  • Review important information about a organization’s COVID-19 response, such as the University, or,
  • Donate to support efforts for COVID-19.

Scams may claim to originate from or attempt to impersonate trustworthy sources like:

  • Employers / Universities,
  • Governments,
  • World Health Organization,
  • Financial Institutions,
  • Support Organizations such as Red Cross, or, 
  • Donation Sites like GoFundMe.
It is imporant for the University of Regina community to be aware that it may be a target for such scams.

Impact

Falling for the email scam can result in your system and accounts being compromised. Threat actors can then steal information, or utilize ransomware.

Resolution

In these uncertain times, it is important to shield yourself from COVID-19 as well as cyberthreats! Remember to use good cyber-hygine as a way to protect yourself and your information:

  • Be cautious, or better yet, avoid clicking links or open attachments in emails – they may contain malware or be used to steal your personal information.
  • Beware of online requests for personal information. A coronavirus-themed email that seeks personal information like your social insurance number or login information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data.
  • Check the email address or link. You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. But keep in mind phishers can create links that closely resemble legitimate addresses. Delete the email.
  • If you receive suspicious email, report it! We can help prevent it from reaching other users.
  • Go to websites directly to consume information – type the organization’s name or URL directly into your browser search bar. It is best to navigate directly to a website rather than following links in an email.
  • Always double check the email sender’s name and email address.
  • If you are sending email, be sure to use your University of Regina email address. It is more difficult for recipients to determine if a personal email address belongs to the person it asserts to be from. Most Impersonation emails usually arrive from free email services like gmail.
  • Look for branding and spelling/grammar mistakes.
  • Be extra cautious of emails sounding urgent or threatening.
  • Legitimate sources will never ask you to donate or transfer funds using methods such as Bitcoin or Gift cards.
Users should heighten their approach to cybersafety as scammers take advantage of world events and the impacts it has had, such as work at home requirements.

Resources

Internal Resources:

The University of Regina provides phishing resources at the Phishing Resources Page at: https://www.uregina.ca/is/security/resources/resource-phishing.html

Take the free, online information security awareness training which provides a module on Phishing. You can enroll at: https://www.uregina.ca/is/training/sec-training.html

If you require assistance regarding a phishing message, or wish to report an email scam, please contact the IT Support Centre:
Email: IT.Support@uregina.ca
Phone: 306-585-4685
Toll-free in Canada: 1-844-585-4685

External Resources:

Norton: Coronavirus Phishing Emails: How to protect against COVID 19 Scams: https://us.norton.com/internetsecurity-online-scams-coronavirus-phishing-scams.html

Electronic Frontier Foundation: Phishing in the Time of COVID-19: How to Recognize Malicious Coronavirus Phishing Scams: https://www.eff.org/deeplinks/2020/03/phishing-time-covid-19-how-recognize-malicious-coronavirus-phishing-scams

Security Week: The Other Virus Threat: Surge in COVID-Themed Cyberattacks: https://www.securityweek.com/other-virus-threat-surge-covid-themed-cyberattacks

Infosecurity Magazine: COVID19 Drives Phishing Emails up 667% in Under A Month: https://www.infosecurity-magazine.com/news/covid19-drive-phishing-emails-667/