SUBJECT:

Be Prepared: COVID-19 Scams Are Targeting You

The COVID-19 pandemic presents an imminent and serious threat to the
members of our community, the US healthcare system, and the economy. The
welfare and safety of our community during this time is our primary
concern. Yet in every crisis there are those who will attempt to profit
from the chaos and disruption created. Across the Internet we are seeing
evidence of organized crime attempting to lure unsuspecting users to
bogus COVID-19 information websites that quietly download malicious
software designed to steal corporate and personal information. A recent
example uses the actual COVID-19 data taken off an identical
(legitimate) site provided by Johns Hopkins University. This can be
safely viewed at: https://app.box.com/v/coronavirusscam.

In addition, federal law enforcement and the FTC are reporting a massive
growth of spam, phishing, and text messaging, as well as web-based
advertising offering false COVID-19 cures, treatments, and personal
protection advice.

THE IMPERATIVE: PROTECT YOURSELF
Do not respond to email, phone, or digital advertising pertaining to the
COVID-19 pandemic. Social media is not a reliable source of information.
Rely instead on established, respected news sources, such as:

UC San Diego’s Information Page: https://coronavirus.ucsd.edu/
The NY Times https://www.nytimes.com/news-event/coronavirus
The UN’s Coronavirus Portal:https://www.un.org/coronavirus

While the campus’ anti-spam service has been stopping several large
coronavirus-related phishing campaigns, some messages will manage to get
delivered. If you receive a suspicious email please forward it to
abuse@ucsd.edu where it will be automatically analyzed and the results
used to prevent additional deliveries.

IMMEDIATE ACTION REQUIRED: PROTECT YOURSELF AND YOUR DATA AT HOME
At home your laptop or home computer does not benefit from the full
range of protections computers receive when on campus. Please take the
following actions when using a home computer off campus.

*Immediately run the system update service which installs software fixes
for known security weaknesses in your software.

Apple instructions
https://support.apple.com/guide/mac-help/get-macos-updates-mchlpx1065/mac

Windows instructions
https://bit.ly/3aEa5vI

*Install a quality antivirus product on your personal computer. The
campus recommends the Sophos Home edition. See
https://antivirus.ucsd.edu for more information.

*Make sure that all your personal banking, social media, and email
accounts are protected by two-step login, also known as multi-factor
authentication (MFA). Most commercial services do this by texting you a
short code to a phone registered with the service. Take the time to set
this up immediately.

Remember, during these difficult times, your digital life may be your
primary way of interacting with the campus and your friends and family.
Just as you’re protecting your physical well being, protect your digital
life too. Please feel free to contact the IT Services or Health service
desks for support
(https://blink.ucsd.edu/technology/help-desk/service-desk/index.html).

Michael Corn Chief Information Security Officer UC San Diego Ken Wottge Chief Information Security Officer UC San Diego Health