The Department of Homeland Security CISA (Cybersecurity and Infrastructure Security Agency) is warning individuals and businesses to remain aware of scams related to the current coronavirus outbreak.

CISA encourages everybody to remain vigilant and take the following precautions:

• Avoid clicking on links in unsolicited emails and be wary of email attachments.

• Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.

• Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.

• Verify a charity’s authenticity before making any donations.

In addition to the CISA recommendations, Capital Business Systems’ Managed Network Services team would like to share these tips for staying safe from phishing scams and social engineering attacks:

• Watch out common indicators of phishing pcams, including:
   – Suspicious or unknown email senders
   – Generic greetings such as “Sir/Ma’am” or “Dear Valued Customer”
   – Poor spelling and grammar
   – Suspicious email attachments

• Be wary of unsolicited calls or emails from individuals asking about employees or internal information.

• Do not respond to or comply with requests that seem odd, even if they appear to come from a person in authority at your company. If the CEO emails you to purchase gift cards and then send them the activation codes, don’t do it. If the CFO emails you to place a large wire transfer, don’t do it. Instead, call or video chat with the requesting person to verify it was actually them that sent the request. If you’re both working in the office, stop by and verify the request face to face.

• If you are unsure if a request is legitimate, verify it by contacting the person or company directly. Ideally using a different contact method than they used. If they emailed a request, call them on the phone to verify it was them.

These scams can be tough to catch, and the best way to defend against them is ongoing training that simulates phishing attacks on your employees. Capital Business System’s Managed Network team has the ability to pair this simulated phishing testing with ongoing cybersecurity training and reporting, to help you and your employees stay safe from these evolving threats.

Please contact us today for more information.