Don’t Feed the Fish: COVID-19 Phishing Scams and Malware Attacks

Apr 24, 2020, 06:38 AM
Publication Type(s): Client Alerts

Congratulations! Your entire workforce is now remote and your cyber training has effectively taught them that the prince in exile is not really going to share his millions in offshore cash if they just let him park the money in their personal bank account. But what about an email from IT stating that the company has changed its remote work settings and requesting action, a newsletter from the government detailing new Paycheck Protection Program loan information, or the secure document they receive providing information about their work colleague who was just diagnosed with COVID-19 (and they get the colleague’s name right)?

Cyber criminals have moved quickly to take advantage of the fear and concern around COVID-19, along with increased reliance on social media to stay connected, to launch very sophisticated cyber-attacks. These range from generic “phishing” campaigns, perpetrated by sending an email (or, increasingly, a text message) that appears to originate from a trustworthy source, to “spear phishing,” where the hackers monitor social media and specifically tailor the attack to the victim.

We previously reported on the U.S. Department of Homeland Security (“DHS”) Cybersecurity and Infrastructure Agency (“CISA”) and the U.K.’s National Cyber Security Centre (“NCSC”) joint alert discussing COVID-19-related malicious cyber activity. With several more weeks of experience, we can now see how the threat landscape is evolving. In particular, organizations should be on the lookout for the following campaigns:

General COVID-19 Updates

People are desperate for any news about the virus and can easily be lured into clicking on links or attachments that look like new updates. Both CISA and the NCSC have observed a large volume of email phishing campaigns with subject lines such as:

  • 2020 Coronavirus Updates
  • Coronavirus Updates
  • 2019-nCov: New confirmed cases in your City
  • 2019-nCov: Coronavirus outbreak in your city (Emergency)

One phishing campaign delivers emails purportedly from the Director-General of the World Health Organization, Tedros Adhanom Ghebreyesus, which contain an attachment that supposedly provides information on drugs for the prevention and treatment of COVID-19. By opening this attachment, the email recipient downloads a type of malware that logs keystrokes and captures screenshots.

Another phishing attack prompts Android users to download an app containing a COVID-19 map that appears to provide tracking and statistical information about the virus. The application in fact constitutes a type of ransomware, nicknamed “CovidLock,” which prevents victims from accessing their devices until a ransom is paid.

Offers of Medical Supplies and Insurance

There have also been reports of phishing emails offering medical supplies like thermometers, face masks, and COVID-19 testing kits, as well as health insurance, which solicit financial information, or attach malware. The CISA-NCSC alert describes an example of a campaign in which the attackers attach images of the medical supplies offered for sale, where the attachment instead contains a loader for a type of keylogger malware called “Agent Tesla.”

U.S. Government Aid

The U.S. Secret Service has reported a rise in phishing campaigns related to federal COVID-19 financial support, which request that potential victims provide personal information in order to receive stimulus funds. Some of these campaigns involve the use of spoofed email addresses posing as U.S. Treasury officials.

The FCC has also reported a text scam claiming to be from the “FCC Financial Care Center” and offering $30,000 in COVID-19 relief, despite the fact that no such FCC program exists.

Other U.S. Government Communications

The Secret Service issued an alert warning corporations about fraudulent emails apparently sent by the U.S. Department for Health and Human Services (“HHS”) that request the recipient to provide personal protective equipment and thermometers, and refer to an attached product list. When the recipient opens the attachment, malware is downloaded onto the recipient’s device.

The Better Business Bureau has also warned the public of a text scam, in which the sender impersonates HHS and informs recipients that they must take a “mandatory online COVID-19 test” by clicking on the included link.

Other criminals have impersonated the U.S. Centers for Disease Control and Prevention in sending phishing messages, with at least one example using the spoofed sender alias CDC Health Alert and the subject line “CDC-INFO-Corona Virus [Viccine] found.”

Updates from Business Partners and Vendors

The Secret Service has also warned corporations about fraudulent emails posing as corporate responses to COVID-19, purportedly sent by a vendor or other member of a corporation’s supply chain, which contain malicious attachments. The alert also notes that the email attachments have frequently been Microsoft Office or WordPad files.

Another example includes an email phishing campaign purportedly from Group Life and Health with the subject “Important Notice to Our Corporate Clients & Partners – COVID -19.” Attached to the spam email is a .rar file entitled, “COVID-19 Communication to corporate Clients.rar,” which contains Agent Tesla, malware commonly used by criminals attacking businesses.

Internal Corporate Communications

Among the cybersecurity implications of an entire organization working from home (as we discuss more generally here) are increased phishing attacks taking advantage of changes in corporate policy and the use of technology as a result of COVID-19. In particular, there has been a notable increase in fraudulent emails purportedly sent by an organization’s HR or IT departments, which provide revised company guidance and procedures, or direct an individual to perform a critical IT update.

Exposure to COVID-19

Finally, the Secret Service has alerted the public to a particularly egregious example of phishing emails that appear to come from a hospital and inform the recipient that they may have had contact with an individual infected with COVID-19. According to the Secret Service, these emails direct the recipient to download an attached Excel file, complete a form, and bring it to the nearest emergency clinic to be tested. Of course, clicking on the attachment in fact downloads malware to the recipient’s device.

Protecting Yourself Against COVID-19 Phishing Attempts

Advice for recognizing and protecting yourself against phishing attempts remains the same, whether or not the attempt is COVID-related:

  • Avoid opening attachments or clicking on links in messages from email addresses or phone numbers that you do not recognize.
  • Check the email address of a sender by hovering your mouse over the “from” address (though note that criminals can forge the “from” address on email messages to make them appear to be from a legitimate email address, otherwise known as “spoofing”).
  • If you receive a suspicious email from someone you know, contact that person with a new message instead of replying to the email.
  • If you receive a suspicious email or message from a government source or a charity, go directly to the government or charity’s website to independently confirm the information contained in the email or message.
  • Check the URLs of links sent by email before you click (including for spelling mistakes).
  • Watch out for URL redirects (where the URL displayed when you hover over the link is different from the text).
  • Do not install applications from untrusted sources (for Android users, this means sticking to the Google Play store).
  • More generally, always take time to consider whether a request for personal information or for payment (particularly payment by cash, gift card, wire, or cryptocurrency) is appropriate, especially if a message pressures you to act quickly!
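A security team can automate the sender, link, and attachment checks from the list above for messages that employees report. The script below is an added example, not part of the original alert; the organisation-to-domain map, the extension list, and the sample message (with its `example.net` and `example.org` hosts) are constructed assumptions.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: organisations impersonated in the alerts above, mapped to the
# domains they really use. Extend with your own vendors, HR and IT senders.
CLAIMED_SENDERS = {"cdc": "cdc.gov", "world health organization": "who.int",
                   "hhs": "hhs.gov", "treasury": "treasury.gov"}
# Assumption: extensions for the attachment types the alerts mention
# (.rar archives, Microsoft Office and Excel files, WordPad documents).
RISKY_EXT = (".rar", ".doc", ".docx", ".docm", ".xls", ".xlsx", ".xlsm", ".rtf")

# Constructed sample message; hosts and body are made up for this example.
SAMPLE = """\
From: "CDC Health Alert" <alerts@cdc-gov.example.net>
To: employee@corp.example
Subject: CDC-INFO-Corona Virus [Viccine] found
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Details: <a href="http://updates.example.org/login">www.cdc.gov/coronavirus</a></p>
<p><a href="https://www.cdc.gov/">cdc.gov</a></p>
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="COVID-19 Communication to corporate Clients.rar"

constructed placeholder bytes, not a real archive
--b1--
"""


def host_of(url):
    """Lower-cased hostname of a URL, or '' when it has none or is malformed."""
    try:
        return (urlsplit(url.strip()).hostname or "").lower()
    except ValueError:
        return ""


def same_site(host, domain):
    """True when host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []

    # 1. Display name claims an organisation the address does not belong to.
    name, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    for org, real in CLAIMED_SENDERS.items():
        if org in name.lower() and not same_site(domain, real):
            findings.append(f"sender: name claims '{org}' but address is @{domain}")

    # 2. Link text displays one site while the href opens another.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for text, href in collector.links:
            if len(text.split()) != 1:
                continue  # ordinary wording, not a displayed URL
            shown = host_of(text if "://" in text else "//" + text)
            if shown.startswith("www."):
                shown = shown[4:]
            target = host_of(href)
            if "." in shown and target and not same_site(target, shown):
                findings.append(f"link: text shows {shown} but opens {target}")

    # 3. Attachment types named in the alerts.
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        if filename.lower().endswith(RISKY_EXT):
            findings.append(f"attachment: {filename}")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

The findings are triage hints for a reported message, not a verdict. A forged “from” address that uses the organisation's real domain passes the first check, so the receiving server's SPF, DKIM, and DMARC results are still needed for that case.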

Legitimate companies and organizations do not normally request sensitive information, or the verification of an account, by email or text message, and do not send unsolicited emails that contain attachments. In addition, the U.S. government has stated that information about stimulus relief will never be sent by text or any other messaging platforms, and the IRS has advised that it will never request personal information by email, text, or social media.

Finally, make sure that your employees know that the best thing to do if they do click on a suspicious link or attachment is to alert information security immediately. Keeping that information secret only makes the problem worse.

If there does appear to be a breach, companies should contact experienced data breach counsel and a forensic investigation firm to minimize any potential litigation and enforcement risks. Counsel can:

  • Conduct a privileged review to determine the extent of the attack;
  • Identify, contain, and mitigate the attack;
  • Advise on responses to media inquiries; and
  • Coordinate notifications to affected individuals and regulators.

The Paul Hastings Privacy and Cybersecurity practice has significant experience providing counsel on responding to suspected security breaches and personal data disclosures, guiding clients through investigations by federal authorities of potential privacy-related problems, and advising on establishing privacy and information security compliance programs. If you have any questions concerning these developing issues, please do not hesitate to contact members of this team.

IsRss:
  • cybersecurity
  • client alerts

Related professionals

Linked PracticeAreas

1 comment

Leave a comment
  1. samanthajohnson | May 19, 2020
    It is an astounding just as instructive article that have a ton of extraordinary things to know. Instruction give you an expertise to help other people in their trouble. On the off chance that somebody is in a tough situation and can't pick a correct way or take a correct choice then you can likewise help other people through your insight. It’s your social duty to help other people in any trouble and help in taking right choices. Cheap essay writing service

    Leave a comment

    Client Alert

    Don’t Feed the Fish: COVID-19 Phishing Scams and Malware Attacks

    Apr 24, 2020, 06:38 AM
    Publication Type(s):
    Client Alerts
    Exlcude on home page:
    No

    Congratulations! Your entire workforce is now remote and your cyber training has effectively taught them that the prince in exile is not really going to share his millions in offshore cash if they just let him park the money in their personal bank account. But what about an email from IT stating that the company has changed its remote work settings and requesting action, a newsletter from the government detailing new Paycheck Protection Program loan information, or the secure document they receive providing information about their work colleague who was just diagnosed with COVID-19 (and they get the colleague’s name right)?

    Cyber criminals have moved quickly to take advantage of the fear and concern around COVID-19, along with increased reliance on social media to stay connected, to launch very sophisticated cyber-attacks. These range from generic “phishing” campaigns, perpetrated by sending an email—or, increasingly, a text message—that appears to originate from a trustworthy source, or “spear phishing,” where the hackers monitor social media and specifically tailor the attack to the victim.

    We previously reported on the U.S. Department of Homeland Security (“DHS”) Cybersecurity and Infrastructure Agency (“CISA”) and the U.K.’s National Cyber Security Centre (“NCSC”) joint alert discussing COVID-19-related malicious cyber activity. With several more weeks of experience, we can now see how the threat landscape is evolving. In particular, organizations should be on the lookout for the following campaigns:

    General COVID-19 Updates

    People are desperate for any news about the virus and can easily be lured into clicking on links or attachments that look like new updates. Both CISA and the NCSC have observed a large volume of email phishing campaigns with subject lines such as:

    • 2020 Coronavirus Updates
    • Coronavirus Updates
    • 2019-nCov: New confirmed cases in your City
    • 2019-nCov: Coronavirus outbreak in your city (Emergency)

    One phishing campaign delivers emails purportedly from the Director-General of the World Health Organization, Tedros Adhanom Ghebreyesus, which contain an attachment that supposedly provides information on drugs for the prevention and treatment of COVID-19. By opening this attachment, the email recipient downloads a type of malware that logs keystrokes and captures screenshots.

    Another phishing attack prompts Android users to download an app containing a COVID-19 map that appears to provide tracking and statistical information about the virus. The application in fact constitutes a type of ransomware, nicknamed “CovidLock,” which prevents victims from accessing their devices until a ransom is paid.

    Offers of Medical Supplies and Insurance

    There have also been reports of phishing emails offering medical supplies like thermometers, face masks, and COVID-19 testing kits, as well as health insurance, which solicit financial information, or attach malware. The CISA-NCSC alert describes an example of a campaign in which the attackers attach images of the medical supplies offered for sale, where the attachment instead contains a loader for a type of keylogger malware called “Agent Tesla.”

    U.S. Government Aid

    The U.S. Secret Service has reported a rise in phishing campaigns related to federal COVID-19 financial support, which request that potential victims provide personal information in order to receive stimulus funds. Some of these campaigns involve the use of spoofed email addresses posing as U.S. Treasury officials.

    The FCC has also reported a text scam claiming to be from the “FCC Financial Care Center” and offering $30,000 in COVID-19 relief, despite the fact that no such FCC program exists.

    Other U.S. Government Communications

    The Secret Service issued an alert warning corporations about fraudulent emails apparently sent by the U.S. Department for Health and Human Services (“HHS”) that request the recipient to provide personal protective equipment and thermometers, and refer to an attached product list. When the recipient opens the attachment, malware is downloaded onto the recipient’s device.

    The Better Business Bureau has also warned the public of a text scam, in which the sender impersonates HHS and informs recipients that they must take a “mandatory online COVID-19 test” by clicking on the included link.

    Other criminals have impersonated the U.S. Centers for Disease Control and Prevention in sending phishing messages, with at least one example using the spoofed sender alias CDC Health Alert and the subject line “CDC-INFO-Corona Virus [Viccine] found.”

    Updates from Business Partners and Vendors

    The Secret Service has also warned corporations about fraudulent emails posing as corporate responses to COVID-19, purportedly sent by a vendor or other member of a corporation’s supply chain, which contain malicious attachments. The alert also notes that the email attachments have frequently been a Microsoft Office or WordPad file.

    Another example includes an email phishing campaign purportedly from Group Life and Health with the subject “Important Notice to Our Corporate Clients & Partners – COVID -19.” Attached to the spam email is a .rar file entitled, “COVID-19 Communication to corporate Clients.rar,” which contains Agent Tesla, malware commonly used by criminals attacking businesses.

    Internal Corporate Communications

    Among the cybersecurity implications of an entire organization working from home (as we discuss more generally here) are increased phishing attacks taking advantage of changes in corporate policy and the use of technology as a result of COVID-19. In particular, there has been a notable increase in fraudulent emails purportedly sent by an organization’s HR or IT departments, which provide revised company guidance and procedures, or direct an individual to perform a critical IT update.

    Exposure to COVID-19

    Finally, the Secret Service has alerted the public to a particularly egregious example of phishing emails that appear to come from a hospital and inform the recipient that they may have had contact with an individual infected with COVID-19. According to the Secret Service, these emails direct the recipient to download an attached Excel file, complete a form, and bring it to the nearest emergency clinic to be tested. Of course, clicking on the attachment in fact downloads malware to the recipient’s device.

    Protecting Yourself Against COVID-19 Phishing Attempts

    Advice for recognizing and protecting yourself against phishing attempts remains the same, whether or not the attempt is COVID-related:

    • Avoid opening attachments or clicking on links in messages from email addresses or phone numbers that you do not recognize.
    • Check the email address of a sender by hovering your mouse over the “from” address (though note that criminals can forge the “from” address on email messages to make them appear to be from a legitimate email address, otherwise known as “spoofing”).
    • If you receive a suspicious email from someone you know, contact that person with a new message instead of replying to the email.
    • If you receive a suspicious email or message from a government source or a charity, go directly to the government or charity’s website to independently confirm the information contained in the email or message.
    • Check the URLs of links sent by email before you click (including for spelling mistakes).
    • Watch out for URL redirects (where the URL displayed when you hover over the link is different from the text).
    • Do not install applications from untrusted sources (for Android users, this means sticking to the Google Play store).
    • More generally, always take time to consider whether a request for personal information or for payment (particularly payment by cash, gift card, wire, or cryptocurrency) is appropriate, especially if a message pressures you to act quickly!

    Legitimate companies and organizations do not normally request sensitive information, or the verification of an account, by email or text message, and do not send unsolicited emails that contain attachments. In addition, the U.S. government has stated that information about stimulus relief will never be sent by text or any other messaging platforms, and the IRS has advised that it will never request personal information by email, text, or social media.

    Finally, make sure that your employees know that the best thing to do if they do click on a suspicious link or attachment is to alert information security immediately. Keeping that information secret only makes the problem worse.

    If there does appear to be a breach, companies should contact experienced data breach counsel and a forensic investigation firm to minimize any potential litigation and enforcement risks. Counsel can:

    • Conduct a privileged review to determine the extent of the attack;
    • Identify, contain, and mitigate the attack;
    • Advise on responses to media inquiries; and
    • Coordinate notifications to affected individuals and regulators.

    The Paul Hastings Privacy and Cybersecurity practice has significant experience providing counsel on responding to suspected security breaches and personal data disclosures, guiding clients through investigations by federal authorities of potential privacy-related problems, and advising on establishing privacy and information security compliance programs. If you have any questions concerning these developing issues, please do not hesitate to contact members of this team.

    IsRss:
    • cybersecurity
    • client alerts

    Related professionals

    Linked PracticeAreas

    1 comment

    Leave a comment
    1. samanthajohnson | May 19, 2020
      It is an astounding just as instructive article that have a ton of extraordinary things to know. Instruction give you an expertise to help other people in their trouble. On the off chance that somebody is in a tough situation and can't pick a correct way or take a correct choice then you can likewise help other people through your insight. It’s your social duty to help other people in any trouble and help in taking right choices. Cheap essay writing service

      Leave a comment

      LABOR & EMPLOYMENT

      Don’t Feed the Fish: COVID-19 Phishing Scams and Malware Attacks

      Apr 24, 2020, 06:38 AM
      Publication Type(s):
      Client Alerts
      Exlcude on home page:
      No

      Congratulations! Your entire workforce is now remote and your cyber training has effectively taught them that the prince in exile is not really going to share his millions in offshore cash if they just let him park the money in their personal bank account. But what about an email from IT stating that the company has changed its remote work settings and requesting action, a newsletter from the government detailing new Paycheck Protection Program loan information, or the secure document they receive providing information about their work colleague who was just diagnosed with COVID-19 (and they get the colleague’s name right)?

      Cyber criminals have moved quickly to take advantage of the fear and concern around COVID-19, along with increased reliance on social media to stay connected, to launch very sophisticated cyber-attacks. These range from generic “phishing” campaigns, perpetrated by sending an email—or, increasingly, a text message—that appears to originate from a trustworthy source, or “spear phishing,” where the hackers monitor social media and specifically tailor the attack to the victim.

      We previously reported on the U.S. Department of Homeland Security (“DHS”) Cybersecurity and Infrastructure Agency (“CISA”) and the U.K.’s National Cyber Security Centre (“NCSC”) joint alert discussing COVID-19-related malicious cyber activity. With several more weeks of experience, we can now see how the threat landscape is evolving. In particular, organizations should be on the lookout for the following campaigns:

      General COVID-19 Updates

      People are desperate for any news about the virus and can easily be lured into clicking on links or attachments that look like new updates. Both CISA and the NCSC have observed a large volume of email phishing campaigns with subject lines such as:

      • 2020 Coronavirus Updates
      • Coronavirus Updates
      • 2019-nCov: New confirmed cases in your City
      • 2019-nCov: Coronavirus outbreak in your city (Emergency)

      One phishing campaign delivers emails purportedly from the Director-General of the World Health Organization, Tedros Adhanom Ghebreyesus, which contain an attachment that supposedly provides information on drugs for the prevention and treatment of COVID-19. By opening this attachment, the email recipient downloads a type of malware that logs keystrokes and captures screenshots.

      Another phishing attack prompts Android users to download an app containing a COVID-19 map that appears to provide tracking and statistical information about the virus. The application in fact constitutes a type of ransomware, nicknamed “CovidLock,” which prevents victims from accessing their devices until a ransom is paid.

      Offers of Medical Supplies and Insurance

      There have also been reports of phishing emails offering medical supplies like thermometers, face masks, and COVID-19 testing kits, as well as health insurance, which solicit financial information, or attach malware. The CISA-NCSC alert describes an example of a campaign in which the attackers attach images of the medical supplies offered for sale, where the attachment instead contains a loader for a type of keylogger malware called “Agent Tesla.”

      U.S. Government Aid

      The U.S. Secret Service has reported a rise in phishing campaigns related to federal COVID-19 financial support, which request that potential victims provide personal information in order to receive stimulus funds. Some of these campaigns involve the use of spoofed email addresses posing as U.S. Treasury officials.

      The FCC has also reported a text scam claiming to be from the “FCC Financial Care Center” and offering $30,000 in COVID-19 relief, despite the fact that no such FCC program exists.

      Other U.S. Government Communications

      The Secret Service issued an alert warning corporations about fraudulent emails apparently sent by the U.S. Department for Health and Human Services (“HHS”) that request the recipient to provide personal protective equipment and thermometers, and refer to an attached product list. When the recipient opens the attachment, malware is downloaded onto the recipient’s device.

      The Better Business Bureau has also warned the public of a text scam, in which the sender impersonates HHS and informs recipients that they must take a “mandatory online COVID-19 test” by clicking on the included link.

      Other criminals have impersonated the U.S. Centers for Disease Control and Prevention in sending phishing messages, with at least one example using the spoofed sender alias CDC Health Alert and the subject line “CDC-INFO-Corona Virus [Viccine] found.”

      Updates from Business Partners and Vendors

      The Secret Service has also warned corporations about fraudulent emails posing as corporate responses to COVID-19, purportedly sent by a vendor or other member of a corporation’s supply chain, which contain malicious attachments. The alert also notes that the email attachments have frequently been a Microsoft Office or WordPad file.

      Another example includes an email phishing campaign purportedly from Group Life and Health with the subject “Important Notice to Our Corporate Clients & Partners – COVID -19.” Attached to the spam email is a .rar file entitled, “COVID-19 Communication to corporate Clients.rar,” which contains Agent Tesla, malware commonly used by criminals attacking businesses.

      Internal Corporate Communications

      Among the cybersecurity implications of an entire organization working from home (as we discuss more generally here) are increased phishing attacks taking advantage of changes in corporate policy and the use of technology as a result of COVID-19. In particular, there has been a notable increase in fraudulent emails purportedly sent by an organization’s HR or IT departments, which provide revised company guidance and procedures, or direct an individual to perform a critical IT update.

      Exposure to COVID-19

      Finally, the Secret Service has alerted the public to a particularly egregious example of phishing emails that appear to come from a hospital and inform the recipient that they may have had contact with an individual infected with COVID-19. According to the Secret Service, these emails direct the recipient to download an attached Excel file, complete a form, and bring it to the nearest emergency clinic to be tested. Of course, clicking on the attachment in fact downloads malware to the recipient’s device.

      Protecting Yourself Against COVID-19 Phishing Attempts

      Advice for recognizing and protecting yourself against phishing attempts remains the same, whether or not the attempt is COVID-related:

      • Avoid opening attachments or clicking on links in messages from email addresses or phone numbers that you do not recognize.
      • Check the email address of a sender by hovering your mouse over the “from” address (though note that criminals can forge the “from” address on email messages to make them appear to be from a legitimate email address, otherwise known as “spoofing”).
      • If you receive a suspicious email from someone you know, contact that person with a new message instead of replying to the email.
      • If you receive a suspicious email or message from a government source or a charity, go directly to the government or charity’s website to independently confirm the information contained in the email or message.
      • Check the URLs of links sent by email before you click (including for spelling mistakes).
      • Watch out for URL redirects (where the URL displayed when you hover over the link is different from the text).
      • Do not install applications from untrusted sources (for Android users, this means sticking to the Google Play store).
      • More generally, always take time to consider whether a request for personal information or for payment (particularly payment by cash, gift card, wire, or cryptocurrency) is appropriate, especially if a message pressures you to act quickly!

      Legitimate companies and organizations do not normally request sensitive information, or the verification of an account, by email or text message, and do not send unsolicited emails that contain attachments. In addition, the U.S. government has stated that information about stimulus relief will never be sent by text or any other messaging platforms, and the IRS has advised that it will never request personal information by email, text, or social media.

      Finally, make sure that your employees know that the best thing to do if they do click on a suspicious link or attachment is to alert information security immediately. Keeping that information secret only makes the problem worse.

      If there does appear to be a breach, companies should contact experienced data breach counsel and a forensic investigation firm to minimize any potential litigation and enforcement risks. Counsel can:

      • Conduct a privileged review to determine the extent of the attack;
      • Identify, contain, and mitigate the attack;
      • Advise on responses to media inquiries; and
      • Coordinate notifications to affected individuals and regulators.

      The Paul Hastings Privacy and Cybersecurity practice has significant experience providing counsel on responding to suspected security breaches and personal data disclosures, guiding clients through investigations by federal authorities of potential privacy-related problems, and advising on establishing privacy and information security compliance programs. If you have any questions concerning these developing issues, please do not hesitate to contact members of this team.

      IsRss:
      • cybersecurity
      • client alerts

      Related professionals

      Linked PracticeAreas

      1 comment

      Leave a comment
      1. samanthajohnson | May 19, 2020
        It is an astounding just as instructive article that have a ton of extraordinary things to know. Instruction give you an expertise to help other people in their trouble. On the off chance that somebody is in a tough situation and can't pick a correct way or take a correct choice then you can likewise help other people through your insight. It’s your social duty to help other people in any trouble and help in taking right choices. Cheap essay writing service

        Leave a comment

        FINANCIAL REGULATION & THE CARES ACT

        Don’t Feed the Fish: COVID-19 Phishing Scams and Malware Attacks

        Apr 24, 2020, 06:38 AM
        Publication Type(s):
        Client Alerts
        Exlcude on home page:
        No

        Congratulations! Your entire workforce is now remote and your cyber training has effectively taught them that the prince in exile is not really going to share his millions in offshore cash if they just let him park the money in their personal bank account. But what about an email from IT stating that the company has changed its remote work settings and requesting action, a newsletter from the government detailing new Paycheck Protection Program loan information, or the secure document they receive providing information about their work colleague who was just diagnosed with COVID-19 (and they get the colleague’s name right)?

        Cyber criminals have moved quickly to take advantage of the fear and concern around COVID-19, along with increased reliance on social media to stay connected, to launch very sophisticated cyber-attacks. These range from generic “phishing” campaigns, perpetrated by sending an email—or, increasingly, a text message—that appears to originate from a trustworthy source, to “spear phishing,” where the hackers monitor social media and specifically tailor the attack to the victim.

        We previously reported on the U.S. Department of Homeland Security (“DHS”) Cybersecurity and Infrastructure Agency (“CISA”) and the U.K.’s National Cyber Security Centre (“NCSC”) joint alert discussing COVID-19-related malicious cyber activity. With several more weeks of experience, we can now see how the threat landscape is evolving. In particular, organizations should be on the lookout for the following campaigns:

        General COVID-19 Updates

        People are desperate for any news about the virus and can easily be lured into clicking on links or attachments that look like new updates. Both CISA and the NCSC have observed a large volume of email phishing campaigns with subject lines such as:

        • 2020 Coronavirus Updates
        • Coronavirus Updates
        • 2019-nCov: New confirmed cases in your City
        • 2019-nCov: Coronavirus outbreak in your city (Emergency)

        One phishing campaign delivers emails purportedly from the Director-General of the World Health Organization, Tedros Adhanom Ghebreyesus, which contain an attachment that supposedly provides information on drugs for the prevention and treatment of COVID-19. By opening this attachment, the email recipient downloads a type of malware that logs keystrokes and captures screenshots.

        Another phishing attack prompts Android users to download an app containing a COVID-19 map that appears to provide tracking and statistical information about the virus. The application in fact constitutes a type of ransomware, nicknamed “CovidLock,” which prevents victims from accessing their devices until a ransom is paid.

        Offers of Medical Supplies and Insurance

        There have also been reports of phishing emails offering medical supplies like thermometers, face masks, and COVID-19 testing kits, as well as health insurance, which solicit financial information, or attach malware. The CISA-NCSC alert describes an example of a campaign in which the attackers attach images of the medical supplies offered for sale, where the attachment instead contains a loader for a type of keylogger malware called “Agent Tesla.”

        U.S. Government Aid

        The U.S. Secret Service has reported a rise in phishing campaigns related to federal COVID-19 financial support, which request that potential victims provide personal information in order to receive stimulus funds. Some of these campaigns involve the use of spoofed email addresses posing as U.S. Treasury officials.

        The FCC has also reported a text scam claiming to be from the “FCC Financial Care Center” and offering $30,000 in COVID-19 relief, despite the fact that no such FCC program exists.

        Other U.S. Government Communications

        The Secret Service issued an alert warning corporations about fraudulent emails apparently sent by the U.S. Department for Health and Human Services (“HHS”) that request the recipient to provide personal protective equipment and thermometers, and refer to an attached product list. When the recipient opens the attachment, malware is downloaded onto the recipient’s device.

        The Better Business Bureau has also warned the public of a text scam, in which the sender impersonates HHS and informs recipients that they must take a “mandatory online COVID-19 test” by clicking on the included link.

        Other criminals have impersonated the U.S. Centers for Disease Control and Prevention in sending phishing messages, with at least one example using the spoofed sender alias CDC Health Alert and the subject line “CDC-INFO-Corona Virus [Viccine] found.”

        Updates from Business Partners and Vendors

        The Secret Service has also warned corporations about fraudulent emails posing as corporate responses to COVID-19, purportedly sent by a vendor or other member of a corporation’s supply chain, which contain malicious attachments. The alert also notes that the email attachments have frequently been a Microsoft Office or WordPad file.

        Another example includes an email phishing campaign purportedly from Group Life and Health with the subject “Important Notice to Our Corporate Clients & Partners – COVID -19.” Attached to the spam email is a .rar file entitled, “COVID-19 Communication to corporate Clients.rar,” which contains Agent Tesla, malware commonly used by criminals attacking businesses.

        Internal Corporate Communications

        Among the cybersecurity implications of an entire organization working from home (as we discuss more generally here) are increased phishing attacks taking advantage of changes in corporate policy and the use of technology as a result of COVID-19. In particular, there has been a notable increase in fraudulent emails purportedly sent by an organization’s HR or IT departments, which provide revised company guidance and procedures, or direct an individual to perform a critical IT update.

        Exposure to COVID-19

        Finally, the Secret Service has alerted the public to a particularly egregious example of phishing emails that appear to come from a hospital and inform the recipient that they may have had contact with an individual infected with COVID-19. According to the Secret Service, these emails direct the recipient to download an attached Excel file, complete a form, and bring it to the nearest emergency clinic to be tested. Of course, clicking on the attachment in fact downloads malware to the recipient’s device.

        Protecting Yourself Against COVID-19 Phishing Attempts

        Advice for recognizing and protecting yourself against phishing attempts remains the same, whether or not the attempt is COVID-related:

        • Avoid opening attachments or clicking on links in messages from email addresses or phone numbers that you do not recognize.
        • Check the email address of a sender by hovering your mouse over the “from” address (though note that criminals can forge the “from” address on email messages to make them appear to be from a legitimate email address, otherwise known as “spoofing”).
        • If you receive a suspicious email from someone you know, contact that person with a new message instead of replying to the email.
        • If you receive a suspicious email or message from a government source or a charity, go directly to the government or charity’s website to independently confirm the information contained in the email or message.
        • Check the URLs of links sent by email before you click (including for spelling mistakes).
        • Watch out for URL redirects (where the URL displayed when you hover over the link is different from the text).
        • Do not install applications from untrusted sources (for Android users, this means sticking to the Google Play store).
        • More generally, always take time to consider whether a request for personal information or for payment (particularly payment by cash, gift card, wire, or cryptocurrency) is appropriate, especially if a message pressures you to act quickly!

        Legitimate companies and organizations do not normally request sensitive information, or the verification of an account, by email or text message, and do not send unsolicited emails that contain attachments. In addition, the U.S. government has stated that information about stimulus relief will never be sent by text or any other messaging platforms, and the IRS has advised that it will never request personal information by email, text, or social media.

        Finally, make sure that your employees know that the best thing to do if they do click on a suspicious link or attachment is to alert information security immediately. Keeping that information secret only makes the problem worse.

        If there does appear to be a breach, companies should contact experienced data breach counsel and a forensic investigation firm to minimize any potential litigation and enforcement risks. Counsel can:

        • Conduct a privileged review to determine the extent of the attack;
        • Identify, contain, and mitigate the attack;
        • Advise on responses to media inquiries; and
        • Coordinate notifications to affected individuals and regulators.

        The Paul Hastings Privacy and Cybersecurity practice has significant experience providing counsel on responding to suspected security breaches and personal data disclosures, guiding clients through investigations by federal authorities of potential privacy-related problems, and advising on establishing privacy and information security compliance programs. If you have any questions concerning these developing issues, please do not hesitate to contact members of this team.




                  PRIVACY & CYBERSECURITY

                  Don’t Feed the Fish: COVID-19 Phishing Scams and Malware Attacks

                  Apr 24, 2020, 06:38 AM
                  Publication Type(s):
                  Client Alerts
                  Exlcude on home page:
                  No

                  Congratulations! Your entire workforce is now remote and your cyber training has effectively taught them that the prince in exile is not really going to share his millions in offshore cash if they just let him park the money in their personal bank account. But what about an email from IT stating that the company has changed its remote work settings and requesting action, a newsletter from the government detailing new Paycheck Protection Program loan information, or the secure document they receive providing information about their work colleague who was just diagnosed with COVID-19 (and they get the colleague’s name right)?

                  Cyber criminals have moved quickly to take advantage of the fear and concern around COVID-19, along with increased reliance on social media to stay connected, to launch very sophisticated cyber-attacks. These range from generic “phishing” campaigns, perpetrated by sending an email—or, increasingly, a text message—that appears to originate from a trustworthy source, or “spear phishing,” where the hackers monitor social media and specifically tailor the attack to the victim.

                  We previously reported on the U.S. Department of Homeland Security (“DHS”) Cybersecurity and Infrastructure Agency (“CISA”) and the U.K.’s National Cyber Security Centre (“NCSC”) joint alert discussing COVID-19-related malicious cyber activity. With several more weeks of experience, we can now see how the threat landscape is evolving. In particular, organizations should be on the lookout for the following campaigns:

                  General COVID-19 Updates

                  People are desperate for any news about the virus and can easily be lured into clicking on links or attachments that look like new updates. Both CISA and the NCSC have observed a large volume of email phishing campaigns with subject lines such as:

                  • 2020 Coronavirus Updates
                  • Coronavirus Updates
                  • 2019-nCov: New confirmed cases in your City
                  • 2019-nCov: Coronavirus outbreak in your city (Emergency)

                  One phishing campaign delivers emails purportedly from the Director-General of the World Health Organization, Tedros Adhanom Ghebreyesus, which contain an attachment that supposedly provides information on drugs for the prevention and treatment of COVID-19. By opening this attachment, the email recipient downloads a type of malware that logs keystrokes and captures screenshots.

                  Another phishing attack prompts Android users to download an app containing a COVID-19 map that appears to provide tracking and statistical information about the virus. The application in fact constitutes a type of ransomware, nicknamed “CovidLock,” which prevents victims from accessing their devices until a ransom is paid.

                  Offers of Medical Supplies and Insurance

                  There have also been reports of phishing emails offering medical supplies like thermometers, face masks, and COVID-19 testing kits, as well as health insurance, which solicit financial information, or attach malware. The CISA-NCSC alert describes an example of a campaign in which the attackers attach images of the medical supplies offered for sale, where the attachment instead contains a loader for a type of keylogger malware called “Agent Tesla.”

                  U.S. Government Aid

                  The U.S. Secret Service has reported a rise in phishing campaigns related to federal COVID-19 financial support, which request that potential victims provide personal information in order to receive stimulus funds. Some of these campaigns involve the use of spoofed email addresses posing as U.S. Treasury officials.

                  The FCC has also reported a text scam claiming to be from the “FCC Financial Care Center” and offering $30,000 in COVID-19 relief, despite the fact that no such FCC program exists.

                  Other U.S. Government Communications

                  The Secret Service issued an alert warning corporations about fraudulent emails apparently sent by the U.S. Department for Health and Human Services (“HHS”) that request the recipient to provide personal protective equipment and thermometers, and refer to an attached product list. When the recipient opens the attachment, malware is downloaded onto the recipient’s device.

                  The Better Business Bureau has also warned the public of a text scam, in which the sender impersonates HHS and informs recipients that they must take a “mandatory online COVID-19 test” by clicking on the included link.

                  Other criminals have impersonated the U.S. Centers for Disease Control and Prevention in sending phishing messages, with at least one example using the spoofed sender alias CDC Health Alert and the subject line “CDC-INFO-Corona Virus [Viccine] found.”

                  Updates from Business Partners and Vendors

                  The Secret Service has also warned corporations about fraudulent emails posing as corporate responses to COVID-19, purportedly sent by a vendor or other member of a corporation’s supply chain, which contain malicious attachments. The alert also notes that the email attachments have frequently been a Microsoft Office or WordPad file.

                  Another example includes an email phishing campaign purportedly from Group Life and Health with the subject “Important Notice to Our Corporate Clients & Partners – COVID -19.” Attached to the spam email is a .rar file entitled, “COVID-19 Communication to corporate Clients.rar,” which contains Agent Tesla, malware commonly used by criminals attacking businesses.

                  Internal Corporate Communications

                  Among the cybersecurity implications of an entire organization working from home (as we discuss more generally here) are increased phishing attacks taking advantage of changes in corporate policy and the use of technology as a result of COVID-19. In particular, there has been a notable increase in fraudulent emails purportedly sent by an organization’s HR or IT departments, which provide revised company guidance and procedures, or direct an individual to perform a critical IT update.

                  Exposure to COVID-19

                  Finally, the Secret Service has alerted the public to a particularly egregious example of phishing emails that appear to come from a hospital and inform the recipient that they may have had contact with an individual infected with COVID-19. According to the Secret Service, these emails direct the recipient to download an attached Excel file, complete a form, and bring it to the nearest emergency clinic to be tested. Of course, clicking on the attachment in fact downloads malware to the recipient’s device.

                  Protecting Yourself Against COVID-19 Phishing Attempts

                  Advice for recognizing and protecting yourself against phishing attempts remains the same, whether or not the attempt is COVID-related:

                  • Avoid opening attachments or clicking on links in messages from email addresses or phone numbers that you do not recognize.
                  • Check the email address of a sender by hovering your mouse over the “from” address (though note that criminals can forge the “from” address on email messages to make them appear to be from a legitimate email address, otherwise known as “spoofing”).
                  • If you receive a suspicious email from someone you know, contact that person with a new message instead of replying to the email.
                  • If you receive a suspicious email or message from a government source or a charity, go directly to the government or charity’s website to independently confirm the information contained in the email or message.
                  • Check the URLs of links sent by email before you click (including for spelling mistakes).
                  • Watch out for URL redirects (where the URL displayed when you hover over the link is different from the text).
                  • Do not install applications from untrusted sources (for Android users, this means sticking to the Google Play store).
                  • More generally, always take time to consider whether a request for personal information or for payment (particularly payment by cash, gift card, wire, or cryptocurrency) is appropriate, especially if a message pressures you to act quickly!

                  Legitimate companies and organizations do not normally request sensitive information, or the verification of an account, by email or text message, and do not send unsolicited emails that contain attachments. In addition, the U.S. government has stated that information about stimulus relief will never be sent by text or any other messaging platforms, and the IRS has advised that it will never request personal information by email, text, or social media.

                  Finally, make sure that your employees know that the best thing to do if they do click on a suspicious link or attachment is to alert information security immediately. Keeping that information secret only makes the problem worse.

                  If there does appear to be a breach, companies should contact experienced data breach counsel and a forensic investigation firm to minimize any potential litigation and enforcement risks. Counsel can:

                  • Conduct a privileged review to determine the extent of the attack;
                  • Identify, contain, and mitigate the attack;
                  • Advise on responses to media inquiries; and
                  • Coordinate notifications to affected individuals and regulators.

                  The Paul Hastings Privacy and Cybersecurity practice has significant experience providing counsel on responding to suspected security breaches and personal data disclosures, guiding clients through investigations by federal authorities of potential privacy-related problems, and advising on establishing privacy and information security compliance programs. If you have any questions concerning these developing issues, please do not hesitate to contact members of this team.

                        LATIN AMERICA

                        Don’t Feed the Fish: COVID-19 Phishing Scams and Malware Attacks

                        Apr 24, 2020, 06:38 AM
                        Publication Type(s):
                        Client Alerts
                        Exlcude on home page:
                        No

                        Congratulations! Your entire workforce is now remote and your cyber training has effectively taught them that the prince in exile is not really going to share his millions in offshore cash if they just let him park the money in their personal bank account. But what about an email from IT stating that the company has changed its remote work settings and requesting action, a newsletter from the government detailing new Paycheck Protection Program loan information, or the secure document they receive providing information about their work colleague who was just diagnosed with COVID-19 (and they get the colleague’s name right)?

                        Cyber criminals have moved quickly to take advantage of the fear and concern around COVID-19, along with increased reliance on social media to stay connected, to launch very sophisticated cyber-attacks. These range from generic “phishing” campaigns, perpetrated by sending an email—or, increasingly, a text message—that appears to originate from a trustworthy source, or “spear phishing,” where the hackers monitor social media and specifically tailor the attack to the victim.

                        We previously reported on the U.S. Department of Homeland Security (“DHS”) Cybersecurity and Infrastructure Agency (“CISA”) and the U.K.’s National Cyber Security Centre (“NCSC”) joint alert discussing COVID-19-related malicious cyber activity. With several more weeks of experience, we can now see how the threat landscape is evolving. In particular, organizations should be on the lookout for the following campaigns:

                        General COVID-19 Updates

                        People are desperate for any news about the virus and can easily be lured into clicking on links or attachments that look like new updates. Both CISA and the NCSC have observed a large volume of email phishing campaigns with subject lines such as:

                        • 2020 Coronavirus Updates
                        • Coronavirus Updates
                        • 2019-nCov: New confirmed cases in your City
                        • 2019-nCov: Coronavirus outbreak in your city (Emergency)

                        One phishing campaign delivers emails purportedly from the Director-General of the World Health Organization, Tedros Adhanom Ghebreyesus, which contain an attachment that supposedly provides information on drugs for the prevention and treatment of COVID-19. By opening this attachment, the email recipient downloads a type of malware that logs keystrokes and captures screenshots.

                        Another phishing attack prompts Android users to download an app containing a COVID-19 map that appears to provide tracking and statistical information about the virus. The application in fact constitutes a type of ransomware, nicknamed “CovidLock,” which prevents victims from accessing their devices until a ransom is paid.

                        Offers of Medical Supplies and Insurance

                        There have also been reports of phishing emails offering medical supplies like thermometers, face masks, and COVID-19 testing kits, as well as health insurance, which solicit financial information, or attach malware. The CISA-NCSC alert describes an example of a campaign in which the attackers attach images of the medical supplies offered for sale, where the attachment instead contains a loader for a type of keylogger malware called “Agent Tesla.”

                        U.S. Government Aid

                        The U.S. Secret Service has reported a rise in phishing campaigns related to federal COVID-19 financial support, which request that potential victims provide personal information in order to receive stimulus funds. Some of these campaigns involve the use of spoofed email addresses posing as U.S. Treasury officials.

                        The FCC has also reported a text scam claiming to be from the “FCC Financial Care Center” and offering $30,000 in COVID-19 relief, despite the fact that no such FCC program exists.

                        Other U.S. Government Communications

                        The Secret Service issued an alert warning corporations about fraudulent emails apparently sent by the U.S. Department for Health and Human Services (“HHS”) that request the recipient to provide personal protective equipment and thermometers, and refer to an attached product list. When the recipient opens the attachment, malware is downloaded onto the recipient’s device.

                        The Better Business Bureau has also warned the public of a text scam, in which the sender impersonates HHS and informs recipients that they must take a “mandatory online COVID-19 test” by clicking on the included link.

                        Other criminals have impersonated the U.S. Centers for Disease Control and Prevention in sending phishing messages, with at least one example using the spoofed sender alias CDC Health Alert and the subject line “CDC-INFO-Corona Virus [Viccine] found.”

                        Updates from Business Partners and Vendors

                        The Secret Service has also warned corporations about fraudulent emails posing as corporate responses to COVID-19, purportedly sent by a vendor or other member of a corporation’s supply chain, which contain malicious attachments. The alert also notes that the email attachments have frequently been a Microsoft Office or WordPad file.

                        Another example includes an email phishing campaign purportedly from Group Life and Health with the subject “Important Notice to Our Corporate Clients & Partners – COVID -19.” Attached to the spam email is a .rar file entitled, “COVID-19 Communication to corporate Clients.rar,” which contains Agent Tesla, malware commonly used by criminals attacking businesses.

                        Internal Corporate Communications

                        Among the cybersecurity implications of an entire organization working from home (as we discuss more generally here) are increased phishing attacks taking advantage of changes in corporate policy and the use of technology as a result of COVID-19. In particular, there has been a notable increase in fraudulent emails purportedly sent by an organization’s HR or IT departments, which provide revised company guidance and procedures, or direct an individual to perform a critical IT update.

                        Exposure to COVID-19

                        Finally, the Secret Service has alerted the public to a particularly egregious example of phishing emails that appear to come from a hospital and inform the recipient that they may have had contact with an individual infected with COVID-19. According to the Secret Service, these emails direct the recipient to download an attached Excel file, complete a form, and bring it to the nearest emergency clinic to be tested. Of course, clicking on the attachment in fact downloads malware to the recipient’s device.

                        Protecting Yourself Against COVID-19 Phishing Attempts

                        Advice for recognizing and protecting yourself against phishing attempts remains the same, whether or not the attempt is COVID-related:

                        • Avoid opening attachments or clicking on links in messages from email addresses or phone numbers that you do not recognize.
                        • Check the email address of a sender by hovering your mouse over the “from” address (though note that criminals can forge the “from” address on email messages to make them appear to be from a legitimate email address, otherwise known as “spoofing”).
                        • If you receive a suspicious email from someone you know, contact that person with a new message instead of replying to the email.
                        • If you receive a suspicious email or message from a government source or a charity, go directly to the government or charity’s website to independently confirm the information contained in the email or message.
                        • Check the URLs of links sent by email before you click (including for spelling mistakes).
                        • Watch out for URL redirects (where the URL displayed when you hover over the link is different from the text).
                        • Do not install applications from untrusted sources (for Android users, this means sticking to the Google Play store).
                        • More generally, always take time to consider whether a request for personal information or for payment (particularly payment by cash, gift card, wire, or cryptocurrency) is appropriate, especially if a message pressures you to act quickly!

                        Legitimate companies and organizations do not normally request sensitive information, or the verification of an account, by email or text message, and do not send unsolicited emails that contain attachments. In addition, the U.S. government has stated that information about stimulus relief will never be sent by text or any other messaging platforms, and the IRS has advised that it will never request personal information by email, text, or social media.

                        Finally, make sure that your employees know that the best thing to do if they do click on a suspicious link or attachment is to alert information security immediately. Keeping that information secret only makes the problem worse.

                        If there does appear to be a breach, companies should contact experienced data breach counsel and a forensic investigation firm to minimize any potential litigation and enforcement risks. Counsel can:

                        • Conduct a privileged review to determine the extent of the attack;
                        • Identify, contain, and mitigate the attack;
                        • Advise on responses to media inquiries; and
                        • Coordinate notifications to affected individuals and regulators.

                        The Paul Hastings Privacy and Cybersecurity practice has significant experience providing counsel on responding to suspected security breaches and personal data disclosures, guiding clients through investigations by federal authorities of potential privacy-related problems, and advising on establishing privacy and information security compliance programs. If you have any questions concerning these developing issues, please do not hesitate to contact members of this team.



                            KEY CONTACTS