connect. communicate. collaborate.
  • Home
  • SECURITY ALERT: Coronavirus-related phishing attacks

SECURITY ALERT: Coronavirus-related phishing attacks

In March, I sent an email alerting the KU community that criminals were using the COVID-19 pandemic to send phishing messages, dangerous attachments and links to malicious websites. These attacks have continued and intensified over the past several weeks because attackers know people remain frightened and crave COVID-19 information. This pandemic makes us all more vulnerable to social engineering and cyber-attacks.

The most important thing I can tell you is:

  • Do not open attachments or click on links in emails from unknown senders that claim to provide coronavirus/COVID-19 information.
  • Check the “from” email address carefully to make sure it is legitimate.

There are plenty of credible sources for COVID-19 and related health information (see below). I can guarantee an email isn’t going to be the source of new and eye-opening information about COVID-19 or the pandemic.

Protecting Yourself

KU Information Technology employs sophisticated technology to protect your KU workstation and our campuswide systems. However, you are the most important line of defense. Your diligence in identifying suspicious emails or other malicious activity is the strongest protection for you and the University.

Remember—all phishing and malware messages share common features:

  • The “from” address is not a legitimate sender for the information source the message claims to be from. (For example, from address domain is “@gmx.com” but the message claims to be from the Centers for Disease Control and Prevention.)
  • The message is intentionally written in a way to make you panic and click without thinking.
  • The message might use poor spelling, grammar or unusual syntax.

Attackers will vary their techniques and COVID-19 phishing emails will come in different forms, so be wary of any messages that look suspicious.

Credible Sources for Coronavirus Information

The first and best source of authoritative information on COVID-19 is federal government's Coronavirus website. KU-specific information is available on the university's official COVID-19 website. The Douglas County Health Department has local information for Lawrence and the county.

If you receive a message you think is suspicious, do not respond, click links or open attachments. Forward the message to abuse@ku.edu and then delete it immediately.

For more information about cyber-threats and COVID-19, visit the Cybersecurity & Infrastructure Security Agency website.


KU IT on Twitter  KU IT on Facebook  KU IT on Instagram

Technology Help

Call KU IT Customer Support

785-864-8080
Phone support
Multi-factor authentication and password reset help 24 hours a day.

Email KU IT Customer Support

itcsc@ku.edu
Support via Email

Faculty/Staff Support

Faculty/Staff Support
Technology Support Centers

KU IT Knowledge Base

Knowledge Base
FAQs & More

Submit Help Ticket

Submit Help Ticket
Online Help

Call KU IT Customer Support

913-626-9619
Phone support

Email KU IT Customer Support

kuec_support@ku.edu
Support via Email

KU IT Knowledge Base

Knowledge Base
FAQs & More

Request Edwards IT Support

Request Edwards IT Support
Online Help

Comments or ideas on how we can serve you better? Send us your feedback!

KU Today