The Department of Homeland Security, Cyber-Infrastructure (CISA), says that malicious cyber actors could take advantage of public concern surrounding COVID-19 by conducting phishing attacks and disinformation campaigns. Phishing attacks often use a combination of email and bogus websites to trick victims into revealing sensitive information. Disinformation campaigns can spread discord, manipulate the public conversation, influence policy development, or disrupt markets.

CISA encourages individuals to guard against COVID-19-related phishing attacks and disinformation campaigns by taking the following precautions:

• Avoid clicking on links in unsolicited emails and be wary of email attachments.
• Do not reveal personal or financial information in emails, and do not respond to email solicitations for this information.
• Review CISA’s Tips on Avoiding Social Engineering and Phishing Scams for more information on recognizing and protecting against phishing.
• Review the Federal Trade Commission’s blog post on coronavirus scams for information on avoiding COVID-19 related scams.
• Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.

Resources:
Resource Center for Development of Security Excellence

Department of Homeland Security, Cyber-Infrastructure