Be Aware - Coronavirus-Themed Scams PersistMay 22, 2020
You have seen a number of messages from OIT over the last few months about cyber security including phishing alerts, preventing Zoombombing, and our rollout of multi-factor authentication with Microsoft 365 applications – all efforts to protect your private information and university resources. It is vitally important that we all continue to be vigilant about staying safe from cyber security threats both at home and within our university community.
Security breaches are increasing in intensity and complexity, and fraudsters seem to be working overtime to take full advantage of people’s vulnerabilities during this pandemic. At CU, our security and compliance teams across all four campuses and the CU Systems office have been collaborating and sharing information as each campus team continues to monitor activities to protect our infrastructures.
Please use caution with any health and virus associated messages you may receive. There has been broad use of a variety of channels to deliver fraudulent messaging including email, texts, websites, social media, phone and robocalls. CNN reported a text message that informs recipients they have come into contact with someone who tested positive or has symptoms for COVID-19 with a link to click for more information. Other scams provide links to complete a “mandatory” evaluation and look as if they are coming from trustworthy organizations - don’t fall for it or click any links as you could permit malicious software to be downloaded to your device!
Following are some quick resources for cyber scam awareness and safety tips:
- Cybercrime Support Network created a one-pager COVID-19 Scams infographic that you can review with links for taking action, if needed.
- Stay Safe Online offers this helpful one-pager Security Tips for Remote Workers as well as a COVID-19 Security Resource Library with information about ways to stay safe online
- The Better Business Bureau, Federal Trade Commission, and Federal Communications Commission offer coronavirus-themed phishing advice and updated consumer warnings on their webpages
- The University of Colorado’s Office of Information Security team provides additional details about what to look for in phishing emails here.
- OIT resources about recognizing a phishing attack on your university email and what to do if your CU Denver / Anschutz Medical Campus account is compromised also are available on the OIT Phishing webpage. You can forward potential phishing emails to firstname.lastname@example.org with a subject line of "PHISHING" for review by the security team.
If you suspect that your university-provided computer may be compromised or if you inadvertently disclosed sensitive university information to unauthorized individuals, it is important to report it immediately by contacting the OIT Service Desk at 303.724.4357.
Thank you to the CU Systems Office of Information Security for contributing to this article.