COVID-19 "Termination" Phishing Emails
The Canadian Centre for Cyber Security (CCCS) is circulating an advisory they received from the FBI in the US. As we’re all aware, there has been a significant increase in phishing emails with a Coronavirus / COVID-19 theme. The FBI are advising that the cyber criminals have seized on the uncertainty surrounding the COVID-19 pandemic and are targeting remote workers with fake “termination” emails and video conferencing invitations.
The messages include vague, attention-getting subject lines such as “Termination Review Meeting” and cite the current COVID-19 pandemic as the reason for downsizing, give instructions describing how to process out from the company, and directs the employee to click a potentially malicious "hotlink" to receive termination benefits. The emails contained a spoofed domain address, and employees that clicked on the link received a black screen. In a similar attack, employees received invitations to a teleconference regarding their supposed “terminations” that contained links that harvested their credentials.
The report suggests that some of these emails are quite well crafted and may use an email address that looks similar to their organisation’s real one.
Here’s what you need to do to protect yourself from this (or any…) attack:
- STOP! THINK! CONNECT
- Examine the email carefully for the “usual” signs of a phishing email: address doesn’t match, sense of urgency, spelling / grammar, etc.
- If you can’t view the sender’s email address because you’re reading the email on a mobile device, then DO NOT RESPOND. Wait.
- Look for the TrustedSource indicators. Not sure what they are? Here’s a link: https://crossroads.royalroads.ca/user/login?destination=node/30838/view
- Still not sure? Check with your Cybersecurity Ambassador, Computer Help Desk or IT Security. We’re all happy to help!
One final thought. “Caring” is one of RRU’s Core Values. Does it make sense that an organisation with Caring as a core value would turn around and send out, without any prior notice, an email about termination? I think not. Please keep that in mind should one of these phishing emails show up in your Inbox.
REMEMBER: STOP! THINK! CONNECT
How to Contact the Computer Services Department
Submit a ticket
To submit a ticket, you will be required to log in using your FULL Royal Roads email address (detailed instructions here)
New! If you do not have a full RRU email address (students not currently in a credit program and/or visitors), you can create a portal account using your personal email address.
Email us at IT Customer Service
Contact Form
Phone: 250-391-2659 Toll Free: 1-866-808-5429
Come visit us in the Sequoia Building
Hours of Operation