BYU Community: Beware of Phishing Emails, Social Media Postings and Text Messages Associated with COVID-19
Amid concerns of the COVID-19 pandemic, the Church Educational System (CES) Security Operations Center is advising the campus community to beware of scams and malware being circulated via email and social media.
These scams typically involve impersonation of health officials or other official communication to trick users into giving up personal information. We have recently learned that cybercriminals are spreading links to malicious sites disguised as reliable COVID-19 maps such as the one at Johns Hopkins University to infect computers with malware. Links to these sites are being circulated either on social media or through misleading emails. Please validate links connect to real maps and resources.
We encourage members of the campus community to visit coronavirus.utah.gov for factual information and updates. Individuals concerned they might have COVID-19 should call the Utah Coronavirus Information Line at 1-800-456-7707.
The US Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) advises individuals to exercise caution in handling any email with a COVID-19-related subject line, attachment or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
CISA further encourages individuals to remain vigilant and take the following precautions.
Avoid clicking on links in unsolicited emails and be wary of email attachments.
Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.
Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.
Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
If you have any questions, please contact the CES Security Operations Center at 801-422-7788 or cessoc@byu.edu.
Several Mac users on campus have contacted our office in concern due to a recurring message from their Outlook for Desktop app. Because Outlook is undergoing a server upgrade, Mac users will be prompted to allow the new server (called autodiscover-s.outlook.com) to configure their email settings. The pop-up prompt will look like the one pictured above. A few users have selected “Allow”, but haven’t checked the box for “Always use my response for this server”. If this box is left unchecked, the same prompt will return regularly, which can be inconvenient and confusing.
Small businesses should be on-guard against a growing wave of identity theft and W-2 scams. Employers hold sensitive tax data on their employees – such as Form W-2 data – which is highly valued by identity thieves.