« All Blogs Nov 11, 2020 (Cleveland)
Tips for CTRs to Avoid COVID-19 Phishing Scams
Shaun Blog

Organizations and individuals constantly face the threat of phishing attacks, but cybersecurity experts report these attacks have significantly increased in the wake of the COVID-19 pandemic. Cybercriminals tend to exploit the fear and uncertainty that an event such as a global pandemic may inspire. Also, more employees are working remotely during this time, thus increasing the risk for phishing attacks. It’s critical that certified tumor registrars (CTRs) and others working in the cancer registry stay alert to these threats so that we continue our important duty of protecting confidential patient and hospital information. Thankfully, there are steps we can take to help protect ourselves against phishing and coronavirus-related scams.

Cybercriminals employ various techniques in order to obtain sensitive personal and or corporate information for fraudulent use. A common tool in the cybercriminal arsenal is that of phishing. Phishing is typically the use of email disguised as originating from a reputable source in order to lure one into providing personal, financial and or corporate information for malicious intent.

Some examples of coronavirus-related scams include phishing emails designed to appear coming from the Centers for Disease Control or the World Health Organization, health advice emails and workplace policy emails. These phishing emails often include links and downloads for malware – malicious software that, once downloaded, may allow an external source to infiltrate corporate and personal networks for the purposes of fraud and identity theft.

The most important skill to have when it comes to avoiding phishing scams is awareness. Be wary of unsolicited email from third-party sources and people you don't know. Be particularly skeptical of online requests for personal information. Check the email address or link for legitimacy by hovering your mouse button over the URL to see where it originates. Watch for spelling and grammatical errors within the email address and content. Look for generic greetings such as, “Dear sir/madam” or “To Whom It May Concern.” Finally, avoid emails that insist you act now.

Further protections against phishing attacks include refraining from clicking any links, icons or attachments within any suspect email. Never forward suspicious emails to coworkers, instead forward them to your IT or security department. Use secure in-house corporate tools such as instant messaging and collaboration sites instead of email when possible. Never use your employer-issued device for personal transactions.

In this time of COVID-19, it is critical to remain vigilant and aware. By following proper security practices, you can help reduce the likelihood of falling victim to phishing attacks. Think before you click, and remember, better data saves lives!

« Previous Blog Post A CTR’s Perspective on CHAMPS Oncology’s “COVID-19’s Impact on Cancer Data” Talk
Next Blog Post » The Case for Insight2oncology® (i2o®) as a Strategic Decision-Making Tool
About the Author

Shaun Lusker, CTR