A malicious website that silently installs malware is circulating on the Internet pretending to be a live map of COVID-19 cases by John Hopkins University
There is a legitimate Johns Hopkins COVID-19 map site, and there is a fake one that resembles it.
Stop and ask a few questions before clicking on links to news stories or forwarding them to someone else.
- Can you place the mouse pointer on the link and see the complete website address? If so, check to ensure it is the correct web address.
- Is the website a reputable source of information? If not, you could be receiving or spreading misinformation.
- Do I know the person that forwarded me the news story? If so, call or text them to confirm they did in fact send it to you and ask how they received or found it.
These simple steps can help prevent your computer from being infected and used by cyber criminals to access your personal data. When searching for information on COVID-19, use only trusted state and federal government websites or check your local news media sources. Additional tips are below for spotting phishing emails and being vigilant while using social media.
Common signs that an email is a possible phishing message:
- The “To” field is blank, an obvious sign it could be a phishing email. A reputable company would usually include your email address.
- The sender email address does not match the naming convention (standard format) used by the company. For example, firstname.lastname@example.org as opposed to email@example.com.
- Bad grammar, spelling mistakes and incorrectly used phrases.
- The email contains an unexpected attachment which you did not request be sent.
- You are asked to click a link and confirm personal information (i.e., banking, medical, or login credentials).
- The email is attempting to create a sense of panic or fear and requires immediate response on your part.
Tips to remain safe while using social media:
- Set the account to private or invisible. This will shield the page and any post from public viewing.
- Do not accept a friend request from individuals or groups you have not initiated.
- Keep specific information about yourself and your family off social media. Posting a birthday gives cybercriminals one more piece of information they did not have before.
- Disable location services that allow anyone to see where you are at any given time.
- Do not click on ads on social media sites.
- Enable multi-factor authentication if the social media site or application supports it.
More information can be read at the U.S. Cybersecurity and Infrastructure Security Agency site (https://www.us-cert.gov/) on avoiding social engineering and phishing attacks (ST04-014), as well as staying safe on social networking sites (ST06-003).
Bookmark the Alabama Cybersecurity site (https://cybersecurity.alabama.gov/) to stay informed on the latest issues and useful tips to stay safe online.