Remain vigilant for cybercrimes related to COVID-19
Michigan Medicine encourages everyone to remain vigilant for scams related to COVID-19.
Cybercriminals have been sending malicious files disguised as video instructions on how to protect oneself from the coronavirus. They have also sent malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes.
Some of these communications have even been carefully designed to appear as though they are coming from the World Health Organization and other trusted government agencies.
Exercise caution in handling any email with a COVID-19-related subject line, attachment or hyperlink, and be wary of social media pleas, texts or calls related to COVID-19.
Given these increasing threats, please remember the following:
- Government agencies do not send emails directly to individuals about COVID-19.
- Michigan Medicine will not be sending any simulated phishing emails related to COVID-19.
- Report suspicious emails, even related to COVID-19, using the “Report Phishing” button in Outlook; or on mobile devices, forward phishing emails to ReportPhish@umich.edu.
- Legitimate and reliable information about COVID-19 can be found at the sites below. Please use these as your primary sources of information, and share the public-facing links with your family and friends”
- U-M COVID-19 information site: https://publicaffairs.vpcomm.umich.edu/2019-novel-coronavirus-covid-19/
- Michigan Medicine COVID-19 information site: http://www.med.umich.edu/i/ice/resources/coronavirus.html
- Michigan Medicine Headlines – COVID-19 updates: https://mmheadlines.org/covid-19-updates/
- USG CDC COVID-19 site: https://www.cdc.gov/coronavirus/2019-ncov/specific-groups/guidance-business-response.html)
Phishing attacks are the largest threat to the security of data at Michigan Medicine. Some helpful tips to avoid taking the bait:
- Always avoid clicking links or opening attachments from unsolicited emails.
- Never enter your user your user ID, password, personal or financial information to any email prompt from an unfamiliar source.
- Watch for emails demanding immediate reaction and causing strong emotion.
- When reading any email, stop and think before reacting.
- Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
- A variety of resources are available at Safe Computing: https://safecomputing.umich.edu/be-aware/phishing-and-suspicious-email/
- If you have questions about how to recognize phishing red flags, email firstname.lastname@example.org. This is a resource for your general questions, but should never be used to report a suspected phish. When in doubt, never hesitate to report any suspicious emails using the “Report Phish” button.