Globally, people are looking for honest information, facts, and answers to the COVID-19 (Corona Virus) Pandemic. Many organizations, including the Center for Disease Control (CDC), are doing their best to educate the public and prevent mass hysteria. While reliable people are working hard to disseminate data, there are those who are doing the exact opposite — hackers. These cybercriminals are preying upon unsuspecting people with phishing attempts to lure unsuspecting people into giving away sensitive information.
HOW ARE THE CYBERCRIMINALS ACCOMPLISHING PREYING ON YOU?
Much like other national or global tragedies (hurricanes, tsunamis, fires, etc.), these threat actors monetarily capitalize on these disasters by:
Additionally, the pandemic has given hackers the chance to peddle snake oil remedies, present investment opportunities in faux companies who are offering a cure, and hawking bogus, in high-demand medical equipment. With proper protection and knowing what to look for, it is possible to stave off these attacks.
PASSING ALONG THE [CYBER] VIRUS
1. New website domains using words like “Coronavirus” or “COVID-19” are popping up everywhere. Some of these are legit, but some are intentionally set up for malicious intent. In the age of social media and information sharing, this is an easy way to spread the scam/virus quickly. For example, many Security Operations Centers are seeing fake Coronavirus maps like this one website discovered by Reason Cybersecurity Ltd.
2. Another way is through email impersonations from seemingly reputable organizations such as the World Health Organization (WHO) and the CDC. Hackers will make the email address look legitimate and include a malicious link in the body of the email. Once clicked it will take the user to a completely new phishing website with malware.
3. This crisis quarantine has companies scrambling to allow employees to work from home or remotely. Remote workers rely on email communication from bosses and coworkers. Cybercriminals know this and have devised ways to prey on employees who are potentially waiting for news via email from their employer regarding next steps. They make it seem like an email is from HR or the company owner so you may be tricked into opening it, which could cause significant damage to the company.
Here is an example of a phishing email:
SOLUTIONS TO SPOT SCAMS & HOW TO PROTECT YOURSELF AND YOUR COMPANY
The best way to secure your company is by using security technology and educating employees:
Additionally, we recommend setting up two-factor authentication on all important logins, in particular, email, financial, and social media accounts. (What is two-factor authentication?)
Cybercriminals were around long before the COVID-19 pandemic and they will not go away after this crisis. They will always be looking for opportunities to exploit tragedies. It is up to companies to you to protect yourself and your company from being vulnerable to attacks.
Companies such as ECS + My IT are diligently working to ensure clients are protected from these predators, especially during critical times – even helping with clients working remotely. Contact us if you would like to discuss your company’s cybersecurity concerns and IT needs
6620 Riverside Drive, Suite 200
Metairie, LA 70003
347 W. Bert Kouns Industrial Loop
Shreveport, LA 71106