Is your business prepared for a pandemic? First, read through our coronavirus cyber scam information for San Diego businesses. Then, find out how to keep your business productive and your team connected and learn about cybersecurity offerings for remote teams.
With the coronavirus (COVID-19) pandemic has come an outbreak of COVID-19-related cyber scams, even effecting reputable sites like HHS.gov. That’s why we’ve put together this collection of coronavirus cyber scam information for San Diego businesses. Ideally, these tips will help you exercise caution when clicking or interacting with COVID-19 materials online. Whether it’s email, websites, or on social media, here are some things to look out for and resources you can use to help keep your data safe.
Coronavirus-themed Phishing Attacks
Why are phishing attacks on the rise? Each day, more and more people fall victim to coronavirus-themed phishing emails. These innocent-looking emails pose as legitimate communications from well-known organizations. For instance, Opportunistic cybercriminals customize email campaigns they know people will open, such as emails with information about the virus. The target interacts with a phishing email when they download attachments or input personal information. This interaction allows cybercriminals to infect their system with malware, ransomware, or trojans.
Hacker activity has been discovered everywhere, including evidence of state-sponsored hackers from Russia, China, and North Korea. For instance, in this video from ZDNet, bad actors use legitimate health information from the World Health Organization (WHO) as bait to infect users’ systems with trojans. These trojans allow hackers access to the victim’s banking information.
How can you stay safe?
- First, it’s important to remember that official organizations will never ask you for personal details via email. Passwords, Social Security numbers, and login credentials are just a few examples of information that scam emails will ask for. Never give out this kind of personal information via email.
- Second, stay calm and don’t panic. Bad actors explicitly target panicked individuals. Panicked people are more inclined to make a mistake they would not usually make. For example, a panicked person clicks links or downloads files sent by strangers more often than a person who is not panicked.
Report suspicious-looking attachments to your IT department or confirm with the department that sent it before opening.
Federal Resources
The Cybersecurity and Infrastructure Security Agency (CISA) pulled together critical information into one concise page on Defending Against COVID-19 Cyber Scams. On this page, you’ll find useful links on topics like phishing, social engineering, and risk management best practices. The FBI also put out a PSA warning people about coronavirus-themed fraud schemes.
Free Security Offerings
Several technology-focused organizations have expanded their offerings to keep their customers safe from attacks. This security offering line-up from Cisco will be available until July 1, 2020. It represents a wide variety of helpful tools for employees working from home. SentinelOne is also offering free platform access until May 16, 2020 in order to help enterprise companies and employees working from home stay identify and defeat cyberattacks.
Norton’s Advice on Coronavirus Phishing Emails
Internet security giant Norton has written an article on how to protect against COVID-19 scams.
SANS Security Awareness Work-from-Home Deployment Kit: SANS has put out the complete work-from-home (WFH) security kit for employees at home for the first time. This WFH security kit also contains tips for children who are home from school and doing schoolwork online.
The Health Industry is a Top Target
Health industries are especially vulnerable right now to coronovirus scams. Many hospitals struggle to deal with an influx of patients, while life science companies race to produce a COVID-19 vaccine. In the middle of these new activities, bad actors target distracted employees and security weaknesses.
Here are some recent stories of opportunistic attacks.
- Maze ransomware attackers extort vaccine testing facility: A cyber gang attacked and is extorting a clinical research organization.
- Hackers target US health agency during coronavirus crisis: Multiple sources reported that the US Health and Human Services Department was attacked over the weekend of March 14th and 15th.
- Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak: A cyberattack hit one of the biggest COVID-19 testing laboratories in the Czech Republic on March 12th.
Final Thoughts
Unfortunately, there are people out there using the coronavirus pandemic as an opportunity for personal gain. Fortunately, there are many resources available that can help keep businesses safe. Practicing risk management, training employees, and keeping up-to-date with the current threat landscape are all excellent preventative measures.