Coronavirus (COVID-19) Phishing Warning

Be aware that there are many phishing and online scams surfacing that seek to capitalize on the public concern surrounding the coronavirus (COVID-19). Lake Forest College received the warning detail outlined below regarding coronavirus related online malicious activity from its institutional insurance consortium.

Please be alert that there has been a sharp increase in phishing attacks occurring over the past week. Hackers and cybercriminals are using public apprehension over the coronavirus outbreak to advance their agendas. IBM recently warned consumers that ransomware has entered the mix of coronavirus-themed payloads hackers are unleashing. Emails purporting to contain information about the spread of the coronavirus will secretly download malware that allows hackers to steal information and deliver additional malware.

The type of email you may receive to get your attention to click a malicious link or open an attachment include:

  1. Fake school or CDC emails could make you think you or your student has been exposed to COVID-19. They may state your family may face quarantine.
  2. False claims that there is a vaccine now available or some form of remedy available.
  3. Misleading ads about masks or other protective gear that may not be effective or other helpful hints to combat the virus.
  4. Email with “latest” updates to keep you informed as criminals are aware that everyone wants to know everything first.

What can you do?

  1. Rely on the established line of communication from the College for your updates. Important announcements and details that you need to know will appear on the College’s coronavirus webpage.
  2. Be cautious about opening any Web links or attachments, even if you know the sender, as it may be a message from a compromised sender account.
  3. Look for “red flags” in emails you receive. Red flags include abnormalities in the sender, topic, links, content, etc. To help everyone on this topic, please refer to this one page document from the Educational & Institutional Insurance Administrators consortium.
  4. Contact the ITS Service Desk whenever you have any doubts or concerns about a message you have received. They will investigate its legitimacy and follow-up with any necessary warnings to you and others who may have received phishing messages. Vigilance is key and reporting suspicious messages is the best way for us to combat the attacks.