We’ve learned over the past couple of years that threat actors are more than willing to take advantage of a natural disaster to scam users. CISA recently released a warning encouraging users to be hyper-aware of attackers using the recent hurricane to deliver malicious links or attachments.
Attackers will use social engineering and phishing attacks to bait users into handing over credentials, so it is encouraged for users to pay special attention to subject lines, attachments and links involving a natural disaster. It’s important that users not only remain cautious regarding emails. Any suspicious text messages, social media communication and charity sites should be reported to IT if the user accessed suspicious sites or clicked on any suspicious links through any device that has access to work related data.
CISA has provided addition guidance regarding natural disaster scams HERE.