Greg Sisson, acting deputy chief information officer for cybersecurity and chief information security officer at the Department of Energy (DOE), said the public must be wary of scams that use social engineering tactics amid the pandemic.
Sisson wrote in a blog post published Monday that social engineering scams use human interaction through texts, phone calls, emails and online platforms to obtain personal information.
He noted that common forms of social engineering scams include phishing, spoofing and disinformation campaigns. He also cited “smishing,” which are messaging attacks that manipulate users into clicking malicious links; and brushing, which are primarily used by online vendors to exploit personal data and fabricate orders as well as positive reviews.
“Criminals’ level of sophistication has increased, and they are using machine learning and artificial intelligence to build patterns and improve their tactics,” said Sisson.
He recommends users to confirm email senders, assess message content, contact sources before sending personal information, remove unwanted data on social media and verify the trustworthiness of online content.
