Is your business prepared for a pandemic? Find out how to keep your business productive and your team connected.
One of the unfortunate side effects of the coronavirus (COVID-19) pandemic has been an outbreak of COVID-19-related cyber scams, with some even effecting reputable sites like HHS.gov. Whether it’s email, websites, or social media, exercise caution when clicking or interacting with COVID-19 materials online. Here are some things to look out for and resources you can use to help keep yourself safe.
Coronavirus-themed Phishing Attacks
People all over the globe are falling victim to coronavirus-themed phishing emails posing as legitimate communications from well-known organizations. Why are these phishing attacks on the rise? As people panic or seek to gain more information, opportunistic cybercriminals customize campaigns they know people will interact with to infect their targets.
Hacker activity has been discovered everywhere, including evidence of state-sponsored hackers from Russia, China, and North Korea. Victims may find themselves infected with malware, ransomware, or trojans while trying to download attachments or input personal information from links they follow.
For instance, in this video from ZDNet, bad actors use legitimate health information from the World Health Organization (WHO) as bait to infect users’ systems with trojans. These trojans then allow hackers access to the victim’s banking information.
How can you stay safe? First, it’s important to remember that official organizations will never ask you for personal details via email. Passwords, Social Security numbers, and login credentials are just a few examples of information that scam emails will ask for that you should never give out. Second, stay calm and don’t panic. Bad actors are explicitly targeting individuals who are panicked because panicked people are more inclined to make a mistake they would not usually make. Clicking links or downloading files sent by strangers are just a couple of examples.
If you are sent an attachment and are unsure if it legitimate, reach out to the department that sent it or report it to your IT department.
Resources That Can Help
The Cybersecurity and Infrastructure Security Agency (CISA) pulled together critical information into one concise page on Defending Against COVID-19 Cyber Scams. It has useful links on topics such as phishing, social engineering, and risk management best practices. The FBI also put out a PSA warning people about coronavirus-themed fraud schemes.
Free Security Offerings
Several technology-focused organizations have expanded their offerings to keep their customers safe from attacks. This security offering line-up from Cisco will be available until July 1, 2020, and represent a wide variety of helpful tools for employees working from home. SentinelOne is also offering free platform access until May 16, 2020 in order to help enterprise companies and employees working from home stay identify and defeat cyberattacks.
Norton’s Advice on Coronavirus Phishing Emails:
Internet security giant Norton has written an article on how to protect against COVID-19 scams.
SANS Security Awareness Work-from-Home Deployment Kit: SANS has put out the complete work-from-home security kit for employees at home for the first time, including tips for children who are home from school and doing schoolwork online.
The Health Industry is a Top Target
Health industries are especially vulnerable right now as hospitals deal with an influx of patients and life science companies race to produce a COVID-19 vaccine. Here are some recent stories of opportunistic attacks.
Maze ransomware attackers extort vaccine testing facility: A cyber gang attacked and is extorting a clinical research organization.
Hackers target US health agency during coronavirus crisis: Multiple sources reported that the US Health and Human Services Department was attacked over the weekend of March 14th and 15th.
Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak: A cyberattack hit one of the biggest COVID-19 testing laboratories in the Czech Republic on March 12th.
Unfortunately, there are people out there using the coronavirus pandemic as an opportunity for personal gain. Fortunately, there are many resources available that can help keep businesses safe. Practicing risk management, training employees, and keeping up-to-date with the current threat landscape are all excellent preventative measures.