Do not use unknown USB devices
A recent FBI Alert warns that cybercriminals are mailing USB drives containing malware to US organizations. Packages may appear to be official business or Amazon gift boxes with a thank you letter, USB drive, and counterfeit gift card. These USB drives, when connected to a computer, will enable cybercriminals to deploy ransomware. Malicious USBs have also been planted in public areas to entice victims to pick them up by labeling them “finances, bonuses, payroll” or something similar. Also beware of “free” USBs, charging cords, and charging sticks given out as promotional gifts.
Never plug an unknown USB into your personal or work computer. If you receive one in the mail, always validate it is legitimate with the sender and have it scanned by your IT staff prior to using.
See our CTR Cyber page for cybersecurity internal controls. Please contact [email protected] with any incidents or suspected incidents of fraud or cyber threats or if you need support from our Statewide Risk Management Team.