The COVID-19 epidemic has changed the world in many obvious ways. No one can miss the closure of businesses, the unstocked shelves, and the lack of traffic. People know their health, jobs, and investments are at risk, and the only way to improve the situation is to stay home.
But one threat associated with COVID-19 has gone noticed by many: breaches to cybersecurity. Whenever uncertainty occurs at a national or international lever, scammers and hackers find new ways to exploit Internet users as the work online or search the web on their own time. In this specific situation, cybercriminals are using the widespread panic created by COVID-19 to prey on people’s fears and weaknesses. The dramatic rise of remote workers and home internet usage combined with confusion regarding state and federal government assistance plans has created the perfect environment for scammers and hackers to thrive.
How Do Hackers Take Advantage of COVID-19?
The World Health Organization recently released an advisory regarding the threat of new and ongoing scams related to the spread of the coronavirus. One of the most common scams currently used by hackers and cybercriminals is requests from fake charities. Scammers will present themselves as representatives of a charitable organization, often well-known groups like WHO and the Red Cross. While imitating these organizations, cybercriminals ask for “donations.” Unfortunately, many people who want to donate money to help with relief efforts fall victim to these scams.
Phishing is a cyber scam as old as the Internet itself. However, the spread of COVID-19 has brought with it a new variant of phishy emails. Just as they do with donation fraud, scammers pretend to be agents of health organizations such as WHO and the Centers for Disease Control and Prevention. Cybercriminals make it look like the emails contain important health tips, outbreak maps, and other useful information to entice unsuspecting victims to open email attachments. Once these attachments have been opened or downloaded, the victim’s computer becomes infected with malware.
What to Look Out For
Cyberattackers and scammers tend to prey on the elderly and other people who tend to be less computer savvy. However, anyone can fall prey to scams, especially when distracted by a major pandemic. It is imperative that everyone takes the proper precautions when doing anything online, either for work or for pleasure. To avoid viruses and malware, what can Internet users look out for?
People should be wary of any form of communication supposedly coming from a state or federal agency if:
- The email address doesn’t match the format of the organization’s domain name
- The email includes unexpected attachments
- The organization requests you to provide any personal information over email
Whenever you are unsure about a sender’s true identity, do not open email attachments or download content. Email is the easiest and most common vehicle for malware. If something appears unfamiliar to you or seems not quite right, search the company or sender. Do not respond until you have verified they are who they claim to be.
The Best Defense
The best way to protect yourself or your business against scams and other types of cyberattacks is to be proactive with threat hunting and response measures. Always try to stay up to date on the types of scams commonly run and cyberattack strategies being used by online criminals. To reduce the chances of falling prey to an attack, educating yourself and your employees or fellow coworkers about the signs and associated risks of phishing. Organizations such as the WHO and Department of Homeland Security regularly provide updated information about types of scams and cyberattacks on their websites. You should review these sites frequently. Criminals get better by the day, and they are constantly finding new ways in which to commit their crimes. You may also want to consider purchasing cloud-based security software, especially if you use the Internet for work.
Make Online Safety a Priority
If a possible threat has been identified, you should report it immediately to your employer, any other companies or organizations that may be involved or affected, and the appropriate authorities. If you have fallen victim, discontinue the use of any potentially corrupted hardware until it has been thoroughly cleaned or repaired, and the threat has been neutralized. Once your hardware has been deemed to be safe again, reset all of your passwords and log-in credentials. If this does happen, hopefully, you and your business will learn from the experience and start prioritizing online security.