Warn your users about three ways attackers continue to exploit the COVID-19 crisis:

USB: A new ploy is bad actors mailing USB devices, appearing to be from your company to your users. Once plugged in, they can open up a channel that permits unauthorized remote control and capturing keystrokes, including passwords.

Fake Login Prompts: Remind your users to beware of login screens when they don’t expect them. Attackers create persuasive prompts that ask your users passwords for their logon, VPN, or Microsoft Office 365 login, and more. Sometimes the windows tell the user that their connection dropped, and to provide credentials to reestablish their link. Your Users must ignore those prompts and notify your IT team immediately.

Fraudulent websites and apps: Sites may have useful coronavirus information, but they also contain malicious attack software that strives to infect computers. Attackers create bad apps offering online statistics, tracking of the virus spread, and more.

Please forward this to your friends so they can alert their users too.