2 min read

Phishing and Malware Attacks Against NASA Employees Have Doubled

Silviu STAHIE

April 07, 2020

Phishing and Malware Attacks Against NASA Employees Have Doubled

NASA”s Security Operations Center (SOC) experts have issued a warning regarding  a growing trend toward phishing attempts, malware attacks, or just people accessing malicious sites.

Many NASA employees have started to work from home, just like numerous other employees throughout the world. And, just like everyone else, they are now more exposed to phishing attempts and other types of cyberattacks, which are usually blocked by the SOC.

The volume of cyberattacks has increased considerably with the advancement of the COVID-19 pandemic, and NASA is a prime target for specific attacks. If anything, federal employees are all the more exposed as many of them can be used as a jumping-off point into protected infrastructure, if they fall for a phishing attempt.

“Cyber criminals have increased sending emails with malicious attachments and links to fraudulent websites, attempting to trick victims into revealing sensitive information and gain access to NASA systems, networks, and data,” reads the NASA advisory.

“Lures include requests for donations, updates on virus transmissions, safety measures, tax refunds, fake vaccines, and disinformation campaigns. When someone clicks on these links, the unsuspecting user has malware delivered to their system (in split seconds) capable of data exfiltration (stealing our credentials, files, and information).”

Believing that these types of campaigns only happen on computers is wrong — mobile devices are just as exposed. Just like in the private sector, NASA employees were asked to follow a few rules to mitigate attack vectors.

· Use the NASA VPN before starting work. This allows your system to leverage ALL of NASA”s security protections.

· Don”t open your personal email or non-work-related social media on your NASA computer systems/devices. Also, be cautious before clicking on links in text messages and social media.

· Keep your personal email and social media separate from NASA.

· Ensure your NASA electronic devices receive required patches and updates.

· Use authorized software, video, and teleconferencing systems and protect access instructions to them.

· Continue to protect NASA sensitive information in accordance with NASA policies, including encrypting NASA emails containing sensitive information.

· Do not reveal personal or financial information in emails, and do not respond to email solicitations for this information.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read