The cybersecurity team of Masaryk University would like to inform you about an increased risk of being targeted by fraudulent e-mails in upcoming days, so-called spear-phishing. Fraudulent e-mails could also misuse the current situation around the coronavirus pandemic. Given the nature and possible consequences of this situation, we would like to give you more details.
In the time of coronavirus pandemic, we need to be vigilant. The attackers exploit the fear and uncertainty of users. We would like to inform you about the current threat of cyber attacks on information and communication systems in the Czech Republic. The most endangered targets are hospitals and other healthcare facilities. However, universities and other important targets are also at risk.
According to the National Cyber and Information Security Agency (NÚKIB), a wave of the most intensive cyber attacks can be expected in upcoming days. However, there are also indications that the preparatory phase of the attacks is already in progress, namely via a spear-phishing campaign. The National Cyber and Information Security Agency assesses this threat level as High – the threat is probable to highly probable. You can find more information here.
More sophisticated attack than Phishing, which uses prior obtained information about the victim. Due to a more focused targeting of specific individuals or groups of users, this method attains a higher effectivity.
In connection with the current situation, we would like to point out Cybercompass – our course about the fundamentals of information security for users. Especially its online lesson on Self-defense and Phishing guide.
Please, be wary. If you receive a suspicious e-mail, feel free to report it to the CSIRT-MU team at csirt@muni.cz
Masaryk University's cybersecurity team warns of many compromised accounts whose login credentials have been leaked due to infostealers - malware that surreptitiously steals passwords and other sensitive data.
The Cybersecurity Team of Masaryk University warns of an ongoing spear-phishing campaign aimed at stealing login credentials for the Masaryk University Information System.