The worldwide COVID-19 outbreak has provided malicious actors with an unprecedented opportunity to weaponize widespread fears and concerns among the general public for the purposes of social engineering schemes prosecuted through malicious emails. For the bad guys, this is the ultimate in target-rich environments.
As rapidly mounting infections in western countries drive a growing climate of fear, employees need to be educated and trained to expect these kinds of emails, accurately identify them, and handle them safely. Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain? Now they can launch a “CEO fraud” spear phishing attack on your organization, and that type of attack is extremely hard to defend against unless your users are highly ‘security awareness’ trained.
In recent weeks, the frequency of COVID-19 phishing and social media scams has increased.
Cybercriminals are using convincing emails and social media posts disguised as coming from legitimate health authorities and government departments to prey on fears and unanswered questions about novel coronavirus.
Follow these cyber security awareness habits to stay protected from phishing and other cyber threats:
Ø If you do not recognize the email sender, do not open the email
Ø Pay attention to the spelling of email addresses, subject lines, and email content
Ø Be wary of emails that use urgent language and ask you to help out by transferring funds or sharing confidential information
Ø Do not click on links from unsolicited emails
Ø Never send confidential information in an email (except use of encryption)
Ø When shopping online, always inspects the address bar and verify that the URL contains “https” or the lock icon
Ø Do not accept social media followers or friends from accounts that you do not recognize. If an account that you do not trust follows or friends you, block the account
If you are at all uncertain about the validity of an email or other message, do not respond. If you receive a strange email from a colleague or boss – talk to the person and ask them about the email. Remind employees that security awareness and cyber security best practices apply everywhere – in the office, at home, riding the bus, in the airport, at the coffee shop, and wherever they are connecting to the Internet.
If you are interested introducing or upgrading your IT security services, we would be happy to connect you with our incredibly reliable and efficient partner and provider. We look forward to hearing from you.
Stay safe and secure!