Cybercriminals have become extremely sophisticated and skilled at crafting realistic emails for use in their campaigns. During events like the current COVID-19 outbreak, people are desperate for news and less likely to perform due diligence before clicking on an email link or opening an attachment. Cybercriminals take advantage of this in their attacks.
Before opening or acting on any email dealing with COVID-19, or any other event, it is important to consider the following:
- Is the email expected? An unsolicited or otherwise unexpected and unusual email may be part of a phishing attack.
- Does the sender’s address look right? If the sender’s email address is misspelled or uses an unusual domain, the message is coming from a completely different email account than the one it appears to come from.
- Does the body of the email seem legitimate? Check for misspellings, grammatical errors, and stylistic discrepancies. All of these are potential indicators of a phishing email.
- Do links point where they should? Hover over links and check to see if the target address points to where you expect. Check for misspellings and other oddities.
- Does the attachment make sense? If the email has an attachment and doesn’t need one, or the file type of the attachment is odd, then it is probably a phishing email.
- Does the email evoke a sense of urgency? Cybercriminals use urgency to bypass people’s mental filters. Slow down and consider whether the email makes sense.
- Does the email request sensitive information? If so, it is probably a phishing email, and you should not respond or click on any links.
Beyond answering these questions, stop and consider if the email “looks right” to you. If something feels wrong, don’t open it. Additionally, if you can obtain the same information from another (more reputable) source, do so instead of opening a suspicious attachment or clicking on a link.