Important Message from UBC IT

Spike in Fake Termination Phishing Emails and Meeting Invites

UBC Cybersecurity would like to share a notification, posted by FBI, alerting users that cyber criminals are taking advantage of COVID-19 pandemic to target teleworking employees through fake termination phishing emails and meeting invites.

 

Summary

In response to the recent increase in teleworking (working from home) during the COVID-19 pandemic, cyber criminals are targeting teleworking employees with fraudulent termination phishing emails and Virtual Tele-Conferencing (VTC) meeting invites like Zoom or Skype for Business, citing COVID-19 as the reason. Employees who are alarmed by the message may not scrutinize the spoofed email address that looks similar to their company’s legitimate one. The emails entice victims to click on malicious links purporting to provide more information or online conferences pertaining to the victim’s termination or severance packages. People should pay particular attention to emails coming from Human Resources or management with spoofed email domains.

 

Look out for:

  • Fake emails coming from Human Resources or management with spoofed email domains.
  • Calls from employees who mistakenly believe themselves to be terminated.
  • Employees reporting malware or ransomware infections to you.
  • Employees reporting suspicious activity on legitimate accounts such as video conferencing accounts.
  • Emergence of fake VTC applications installed on users’ smartphones, tablets, or computers.

Recommendations:

  • Promptly report malicious activity to security@ubc.ca.
  • Avoid opening attachments or click links within emails from senders you don’t recognize.
  • Require use of password or PIN for any teleconference or web meetings.
  • Beware of social engineering tactics aimed at revealing sensitive information. Use tools that block suspected phishing emails or that allow users to report and quarantine them.
  • Beware advertisements or emails purporting to be from telework software vendors.
  • Always verify the web address of legitimate websites or manually type them into the browser.
  • Do not share links to remote meetings, conference calls, or virtual classrooms on open websites or open social media profiles.