In today's fast-paced world, scammers exploit current events for personal gain. They use events in the news to trick us into revealing sensitive information. Understanding these tactics is crucial in safeguarding Yale's data and systems.
Let’s explore how these scams operate and how we can protect ourselves.
Capitalizing on current events
Scammers are opportunists who prey on fear, curiosity, and urgency.
The recent Crowdstrike incident highlights how quickly scammers can capitalize on a situation. Crowdstrike released an update that caused global computer problems for their clients. Soon after, scammers sent phishing emails claiming solutions for these issues. They used social engineering tactics to get recipients to click on malicious links.
In addition to CrowdStrike, other examples of current event scams include:
- COVID-19: Scammers sent phishing emails offering fake vaccines or financial assistance.
- Natural disasters: Bad actors have impersonated charities to steal donations meant for relief efforts.
- Major data breaches: Criminals have posed as affected companies, requesting users to "verify" their account information.
To protect yourself from these scams, remember these key points:
- Be skeptical of urgent requests. Scammers often create a sense of urgency to pressure you into making hasty decisions. Take note if you receive an unexpected email demanding immediate action. Take a step back and verify the sender's identity before proceeding.
- Verify the source. Always double-check the sender's email address and any links or attachments before clicking. Look for typos, grammatical errors, or suspicious language in the email addres or links. These clues may indicate a phishing attempt.
- Beware of emotional manipulation. Scammers often use fear, curiosity, or greed to entice you to click on malicious links. Be cautious of emails that evoke strong emotions or promise extraordinary results.
Following these guidelines can help protect yourself and Yale from becoming victims of these scams.
When in doubt, remember the 3 Rs:
Recognize suspicious activity in emails, text messages, or phone calls.
Relax and take a moment to consider if it's legitimate.
Rethink your response before taking any action. The best action is to be safe, not sorry and report the suspicious activity to the Information Security Office (ISO).
Keep building your cyber muscles
Listen to our new podcast episode, Beyond the Password: 3 Essential Tips for Protecting Your Digital Identity.
Complete our summer wordle challenge for a chance to win an exclusive cybersecurity awareness prize pack.
