COVID-19/Novel Coronavirus Information Security Precautions

NOTICE! Further updates to this page will be announced on the Berry OIT social media platforms. We’re on Facebook (@BerryCollegeOIT), Twitter (@berryoit), and Instagram (@berrycollegeoit). Please check back here often, as tactics will change almost daily based on new events related to the virus. Updates will continue to be added to the bottom of this page and dated for easy following.

While we all should be washing our hands more frequently, using hand sanitizer, avoiding large gatherings, limiting our travel, and taking other physical precautions in response to the coronavirus. we also have to take into account information security precautions.

Criminals will use every ruse they can to try and take your money, steal your credentials or infect your computer with malware, including promising “coronavirus updates”, “miracle cures”, and other information and services. Many of these phishing emails will be believable, not just because the criminals may take care to craft them accurately, but because almost everyone has at least some small innate fear of this mostly unknown virus. There is urgency and “scariness” built right in, as the coronavirus will most likely affect all of us, at least indirectly, at some point.

Please be especially careful with any emails that attempt to manipulate you using fear of the coronavirus. Avoid and report emails that request donations, or claim to have “inside information” about the virus and the associated disease, COVID-19.

UPDATE (3/18) – also stay away from apps in the Apple Store and Google Play that are coronavirus related. The vast majority are designed to steal your data and credentials or take over your phone, or both.

If you want more information about it, your best bet is to stick to major news outlets like CNN, MSNBC and Fox News for more reader-friendly summaries, and the Center for Disease Control and Prevention, the World Health Organization, and the Georgia Department of Public Health for more detailed and localized information.

Please also consult the college’s update page for dealing with the coronavirus.

Links to other sources of information will be posted here as the situation develops, but your first stop should be the page above.

UPDATE (3/18): Here is the NCSA resources page mentioned in the March 18th email. https://staysafeonline.org/covid-19-security-resource-library/

UPDATE (3/23): Coronavirus-themed phishing emails are arriving in campus email inboxes now. They promise everything from where to find masks and other protective gear to the fact that you don’t need a vaccine to beat the coronavirus (true, but irrelevant). Some are attempting to impersonate the World Health Organization and the Centers for Disease Control and Prevention. Don’t be fooled! Report or delete these emails, don’t follow any links, and don’t open any attachments. Rest assured the WHO and the CDC will not email you directly with updates. You can visit these sites from the links above, or if you have them bookmarked now, as some do, use your bookmarks or Google to find the sites safely.

UPDATE (3/23b): Scammers are now using the promise of government stimulus checks to try and steal your credentials and financial information. They are also attempting to impersonate the IRS to achieve the same goals, with the same lure (stimulus checks). Don’t fall for these tricks! The government will not contact you via email and ask for private financial information.

UPDATE (4/1): For those of you using Zoom for classes or other duties – Due to a bug in how Zoom handles web and file addresses in the chat feature, OIT strongly recommends that you do NOT send links to resources for classes (or work) via chat, nor should you open any links in the chat window. Please put resource links for all classes in Canvas, and treat any link in the chat window as you would a link in an email, VERY SUSPICIOUSLY! Also, please make sure you are following ALL of the recommendations from OIT about securing Zoom sessions if you are using Zoom to conduct classes. These are found in a March 19th email from computing@berry.edu.

UPDATE (4/1b): Scammers have no shame. One of the newest phishing scams out there tries to convince you that they are contacting you from a hospital and that they know you have had contact with someone infected with the coronavirus. The scam attempts to have you download and open the attachment, then proceed to the nearest hospital. The attachment contains malware and will infect your computer. Even during a pandemic, don’t open attachments.

Also, scammers have registered hundred of new domains over the past few weeks with “zoom” in them somewhere and the websites associated with them are handing out malware to unsuspecting users who click on them. The real domain for Zoom is zoom.us. There is never any reason to go to the Zoom website to use Zoom. Download the Zoom app to your computer and do your work there. Be VERY cautious with emails that purport to be from Zoom.

Finally, a group of scammers are going “old school” to infect users. They are mailing (yep, snail-mail) USB drives to potential victims, sometimes accompanied by gift cards or other lures to get users to plug them into their computers. Don’t ever plug in a USB drive of unknown origin into your computer! The USB drives sent by these scammers will install malware that will allow them access to your computer. Don’t fall for it!

Photo Credit: Photo by Dimitri Karastelev on Unsplash

Author

(Visited 95 times, 1 visits today)