Fraudulent phone calls from fake Microsoft technical support
Cybersecurity Team of Masaryk University has recently received several reports from users about fraudulent calls to Masaryk University's specialist workplaces.
Warning: Our university could face a massive wave of spear-phishing e-mails in the upcoming days
The cybersecurity team of Masaryk University would like to inform you about an increased risk of being targeted by fraudulent e-mails in upcoming days, so-called spear-phishing. Fraudulent e-mails could also misuse the current situation around the coronavirus pandemic. Given the nature and possible consequences of this situation, we would like to give you more details.
What’s the threat about?
In the time of coronavirus pandemic, we need to be vigilant. The attackers exploit the fear and uncertainty of users. We would like to inform you about the current threat of cyber attacks on information and communication systems in the Czech Republic. The most endangered targets are hospitals and other healthcare facilities. However, universities and other important targets are also at risk.
According to the National Cyber and Information Security Agency (NÚKIB), a wave of the most intensive cyber attacks can be expected in upcoming days. However, there are also indications that the preparatory phase of the attacks is already in progress, namely via a spear-phishing campaign. The National Cyber and Information Security Agency assesses this threat level as High – the threat is probable to highly probable. You can find more information here.
What is spear-phishing?
More sophisticated attack than Phishing, which uses prior obtained information about the victim. Due to a more focused targeting of specific individuals or groups of users, this method attains a higher effectivity.
Self-defense
In connection with the current situation, we would like to point out Cybercompass – our course about the fundamentals of information security for users. Especially its online lesson on Self-defense and Phishing guide.
In conclusion
Please, be wary. If you receive a suspicious e-mail, feel free to report it to the CSIRT-MU team at csirt@muni.cz
