An older email phishing scam has been spotted back in use on the CPS Network. Be cautious of an email with “Are you available?” in the subject line or body of the message. 

 

The cyber attacker behind this scam, typically disguising themself as a supervisor through a spoofed email address, will ask if you are available to do them a favor. What’s the favor? It’s usually a request to buy gift cards and send the scammer the redemption codes. 


Remember that no one at CPS will ask you to buy a gift card. NO ONE - EVER!  Always double-check the sender’s email address; business emails should come from an @cps.edu email address. If you spot this scam, forward the email to ReportPhishing@cps.edu.   

CPS | Personal Device.001.jpeg

Everything you need to know to keep your family and your job safer as you work from home. Click on the thumbnail image to download and print smart advice. 

Fake emails, texts, and phone calls about these payments have risen 6,000% in recent weeks.

 

Scammers are now sending emails threatening to poison victims' families with coronavirus unless a ransom is paid, sometimes listing a victim's real username and password to appear credible.

Here are clues that fraudsters are trying to steal your money.

A message about your payment arrives as an email, text, social media post, or phone call.

The “IRS” claims you must first make a payment in order to get a stimulus check.

The IRS only communicates by mail.

Fraudsters claiming to be with the IRS often insist you make a payment using iTunes gift cards, money orders, debit cards, or a wire transfer.

The “IRS” demands financial information before it can process your payment.

The “IRS” says it mistakenly paid you too much and demands you return the money.

The IRS has your financial information. It’s fraudsters who want it.

The IRS doesn’t do that. Fraudsters do.

The email urgently requests a donation and provides a link to the Red Cross.

A phone call or email promises to speed the deposit of your stimulus payment if you provide personal information.

Emails are often designed by fraudsters to collect personal information, not to help a charitable organization. To make a donation, visit the Red Cross website directly.

The only way to check on the status of your payment or provide information is to visit the IRS “Get My Payment” website. 

Unless you send money immediately, an email threatens to go public with embarrassing information about you and displays personal information like one of your passwords.

An email about your stimulus payment, how to order personal protective equipment, or getting a COVID test directs you to a professional-looking website with the word “coronavirus” in the web address.

The password was stolen in an earlier data breach. Change the password wherever it’s used and ignore the email.

Tens of thousands of fake websites that include the words “coronavirus” or “COVID” have been created in recent weeks.

An email refers to your “stimulus check” or “coronavirus check”.

A fake email or text has a link to “opt-out” of future messages.

The IRS will only refer to the payment as an “economic impact payment.”

Don't click on it. These links only prove to scammers that they’ve reached a working address.

Click on the image to download and print a copy of this list. 

CPS | Stimulus Scam opt.jpg

Oh, no. Budget cuts ahead? Be suspicious of emails from the "HR Department" alerting you to a meeting on Zoom to discuss important matters related to "Q2", such as budget cuts or personnel reductions.

 

According to the cybersecurity company Sophos, these emails link to a page that requires a username and password, which fraudsters then use to access the user's online accounts. 

Change of plans: your package must be picked up. Another fast-growing type of fraud right now involves phishing emails alerting a recipient that a package they ordered has arrived, cannot be delivered and must be picked up in person. 

Clicking on an attachment in the email with "instructions for picking up the package" downloads malware onto the victim's computer. 

Aware Force Cybersecurity News • April 2020 b • Edition #94

Zoom logo is a registered trademark. 

Cybersecurity Cartoon © CartoonCollections.com

Original content © 2020 Aware Force LLC

Aware Force is a registered trademark