California is a disaster-prone state, and emergency situations such as wildfires, earthquakes and floods create opportunities for fraudsters to capitalize on vulnerable populations. The COVID-19 pandemic is no different.
On March 4, 2020, Governor Gavin Newsom declared a state of emergency in response to the COVID-19 public health emergency. To protect California consumers during this time, Attorney General Xavier Becerra outlined tips on how to combat personal attacks, specifically regarding price gouging, coronavirus scams, privacy and security for families, protection of CARES Act payments, and unemployment.
Attorney General Becerra also warned Californians to be wary of any unsolicited email providing information about coronavirus, even those that claim to be from reputable organizations. These are likely to be scams or “phishing” attempts to gather personal information or to infect devices with software viruses. If an email is opened accidentally, delete the email and do not click on any links or otherwise engage with the sender. According to the California Department of Technology, the Security Operations Center detects more than 200 million malicious probes daily across the State network, a volume seen even prior to COVID-19.
California Child Support Services is reminding employers and stakeholders, as well as the public, to be mindful of COVID-19-related phishing and email scams. As a precaution, Child Support Services recommends thoroughly reviewing any incoming emails that may not be expected or may be considered abnormal.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Internet Crime Complaint Center (IC3) have also released an alert regarding an increase in extortion phishing and email scams. Cybercriminals are attempting to distribute malicious attachments, exploited PDFs, and various other executable files via legitimate-looking emails. Phishing attempts have included links to legitimate SharePoint/Outlook log-in pages to fool users into entering personal department credentials. Once the user’s credentials are obtained, the malicious actor uses the compromised account to spread malicious emails to more employees.
Some of these phishing campaigns have used compromised legitimate State or Federal agency email addresses to send the phishing emails. Malicious emails have also begun to direct users to legitimate web services, such as Google Forms, that were created to mirror a log-in page, such as SharePoint. Users then enter log-in credentials, which are collected by the malicious actor and used to take control of account information.