State CIO James Weaver shared the information located at the bottom of this message thread regarding a new phishing email threat that is based on fears surrounding the coronavirus.
Please share this information with fellow staff, faculty, and students in your areas. Encourage everyone to forward any instances of emails received that reference the coronavirus to email@example.com. We also want to reiterate that recipients should never click on links within emails from unknown sources.
ITS Communications Team
Beginning of forwarded message:
I wanted to update you on the latest information we have received concerning potential information security threats related to the coronavirus outbreak. News reports indicate that threat actors are taking advantage of the coronavirus outbreak in new phishing email campaigns using public fear to increase the likelihood that users will click on a link or open an attachment.
In one campaign, the phishing email reportedly impersonates the U.S. Centers for Disease Control and Prevention, warning of new infections and promising to provide a list of active infections in the surrounding area if users click on a link. Other phishing emails ask recipients to open an attachment to view safety measures regarding the spread of the virus.
State Chief Information Security Officer Vinod Brahmapuram and the Office of Cybersecurity team are monitoring the situation and will continue to communicate with your CISO and security staff with any new developments.
This is a good opportunity to remind staff that cyberattacks often begin with phishing campaigns that try to trick employees into downloading malware or provide account credentials. Now, as always, it is important to be on the lookout for emails that appear to be suspicious.
If you see any unusual activity in your systems please call WaTech’s state Office of Cybersecurity immediately at 360-407-8800.
Thank you for your continued efforts to keep Washington’s data safe and protect our networks from cyberattacks.
Director and State CIO