By Sam Horowitz, UCSB Chief Information Security Officer

Remote work is rapidly becoming the new normal for most of the campus. As we adjust, so do criminals. I have warned our community before about the hazards of phishing and spam. It is getting so much worse, that it needs another reminder.

Criminals never let a calamitous event go to waste. COVID-19 is no exception. The instances of phishing and malware related to COVID-19 are rising worldwide. Many of the email-based attacks revolve around fake news, false government warnings, and bogus charitable solicitations.

Any time you see an email related to COVID-19, take extra precautions. Look carefully at the source. Is it a real address or something designed to mislead you into thinking it's real? The same is true for links within the email. Don't click until you look carefully. Remember, you can test questionable links at

Criminals also embed malware, including ransomware in attachments, especially Microsoft Word and Excel documents. If you open a Word or Excel document and it asks to enable macros, don't do it unless you know the source. Microsoft Office macros are a common way to deliver malware infections. If you get an unexpected attachment from a questionable source, you can test it at It's also important to keep your systems updated.

Be on the lookout for social engineering attacks too. Many take the form of bogus charities using COVID-19 as a reason to solicit donations. Do your research, and don't be fooled by messages designed to pull at your heartstrings that originate from criminals. They are good at what they do. Your vigilance needs to be better. Remember, you can go directly to a charity's website to donate. You don't need to click the link in an email.

As we all do our part to limit the spread of the virus, please do your part to protect yourself, your family, and the campus community from criminal enterprises that seek to separate you from your money. Stay well, and let's look forward to seeing each other on campus.