The Cybersecurity and Infrastructure Security Agency is urging the public to be cautious of emails that look similar to National Cyber Awareness System notifications and contain malicious threats. CISA said Tuesday that the email phishing scam deploys a spoofed email address and tricks users into downloading malware through attachments that mimic Department of Homeland Security alerts.
The agency is calling on users to verify unsolicited emails, links and attachments and report suspicious emails to authorities such as information technology helpdesk personnel and email service providers. CISA noted that it never sends NCAS email alerts that contain attachments.