Phishing Scams during a Crisis

Last week I talked about Covid-19 related cyber scams. I wrote specifically about phishing emails with “Covid-19” or Corona Virus” being in the subject line or in the email itself. Those key words being used can be an obvious “red flag” that the email is a phishing attempt. Since it was widely reported Covid-19 related scams were happening, the cyber attackers have changed their phishing emails, making them appear to be normal business emails.

Below is an example of a phishing email that was hoping to “slip in between the cracks” and for the recipient to click on the link and enter a username and password. It is a very typical phishing email. I have anonymized parts of it and highlighted several “red flags” that could indicate, it is a phishing email. I changed the sender name and also did not show the URL you would see by hovering over the links.

By clicking the link and submitting a username and password, you have just allowed a cyber attacker to potentially cause a data breach. To learn more about what to do before, during, and after a breach checkout this article. For more on supporting your small business during COVID-19, check out our Michigan SBDC page for more information.