As we focus on research around COVID-19, cybercriminals are focused on targeting researchers. The newest attack involves a fraudulent request for an interview with a well-known New Yorker columnist, Atul Gawande. From early reports, after initial contact, it seems the cybercriminals start a back and forth communication with anyone who responds. The attacker may even set up a phone conversation but ultimately, they send a malicious Microsoft Teams-like link. Once the user accepts the link, malicious code attempts to execute on the user's system which has resulted in a compromise of the system as well as the user's personal and financial information. Spear-phishing is nothing new and we can avoid falling victim to it by following some basic precautions.
Recommendations:
- Beware of text messages, emails, or social media contacts. Messages purporting to be from columnists or entities requesting an interview can be validated by contacting the source through other means.
- Always verify contact information from unsolicited sources. A good way to do this is navigating to a known source like the requestor's employment site (e.g. to verify joebruin@ucla I would check the contact information at UCLA.edu)
- Avoid opening attachments or clicking links within emails or sms messages from senders you don’t recognize.
- Keep your systems up to date. Most malicious attacks utilize vulnerabilities in systems where a patch or other mitigation is available.
- Install anti-malware software on your system and keep it up to date. Using a well-known and up to date anti-malware program can make a significant difference in the efficacy of a malicious attack.
Report:
If you suspect that you have been phished, or you believe an email might be malicious, you can still report it to the Information Security Office to investigate by sending an email to security@ucla.edu.
