OCR Shares COVID-19 Cyber Scam Advice

  • The Office for Civil Rights issued an alert for healthcare providers urging them to review recent COVID-19 cyber scam guidance from the Department of Homeland Security, as hackers continue to target users with coronavirus phishing campaigns.
  • Cybercriminals are sending emails with malicious attachments or links to fraudulent websites in an attempt to gain access to sensitive information.
  • Organizations must be cautious when handling emails with subject lines, attachments, or hyperlinks related to Coronavirus, or COVID-19.
  • There has been a resurgence of a malspam phishing campaign impersonating the World Health Organization. The first campaign was discovered by MalwareHunterTeam on March 7.
  • These types of campaigns are taking advantage of the pandemic. On March 17, they also observed another WHO-related phishing campaign.
  • The impersonation of WHO may tempt users to open the email, but watch for misspellings even in the subject line that could alert users to the maliciousness of the attack
  • The guidance recommends individuals remain vigilant. Suggested precautions include to avoid clicking on links in unsolicited emails, be wary of email attachments, only use trusted sources, such as legitimate government websites and not respond to email solicitations for personal or financial information.