Among COVID-19 virus concerns – phishing emails
In addition to good personal hygiene, Purdue faculty, students and staff should also keep up their digital hygiene to avoid falling for malicious emails about COVID-19, also known as Coronavirus.
The federal Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that cybercriminals may send phishing emails pertaining to COVID-19 and containing malicious links or attachments, with the aim of collecting sensitive information or money by advertising a fraudulent charity.
Just as everyone is encouraged to take 20 seconds washing their hands with soap and water, ITaP recommends that everyone take their time when reading and reviewing their email. Any emails, texts or calls related to COVID-19, with the exception of official communications from Purdue, should be reviewed carefully.
CISA recommends the following:
- Avoid clicking on links in unsolicited emails and be wary of email attachments.
- Use trusted sources — such as legitimate, government websites — for up-to-date, fact-based information about COVID-19.
- Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.
- Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on charity scams for more information.
In addition, consider these tips on how to spot a phishing email:
- Provokes fear or urgency. If the email asks that you act fast to avoid a serious consequence, be suspicious.
- Asks you to click. If an email says to click on a link, move your mouse to hover over it to see where it actually leads. If you even think there’s a problem, don’t click.
- Uses vague language. If the email is addressed to no one or a generic greeting such as “colleagues” and contains few details, it’s likely a scam. Look for spelling and grammatical errors as well.
If you spot a COVID-19 phishing email, or any phishing email, forward it as an attachment to email@example.com.
Last updated: March 9, 2020
- How Purdue's spam filtering works
- Know your BoilerKey, features to help prevent, solve lockouts
- Scammers gonna scam: What you can do to prevent falling for phishing attacks during COVID-19
- Instructors should save student data from Blackboard, as campus transitions to Brightspace
- Faculty member’s advice for Brightspace: Get started now (it'll be worth your time)
- New online proctoring tool offered for summer session