We receive more information everyday about the growing incidence of cyber-criminals trying to profit from the challenging global situation created by the coronavirus outbreak.
The number of email scams linked to coronavirus is high these days and will probably increase even more. The attacks could come not only by email (phishing) but also by phone (vishing). This is a well-known method of using deception to lure you into revealing personal, sensitive, or confidential information. Fraudsters can try to impersonate a person or legitimate business to scam innocent people. Typically, cyber-criminals use a tactic of scare and emotional manipulation (FUD: Fear, Uncertainty, Doubt) when they try to trick people into giving up their precious information.
Cyber-criminals are targeting individuals but also companies, so it is very important to stay vigilant. Here are a few quick recommendations about how to protect you, your family and your business.
Always be suspicious when you receive an unexpected email or phone call of any kind, especially if someone asks you for some action, e.g. click the link or return the call. The link can lead to malware or an attempt to steal your data and the number you will dial could lead to additional charges.
Every unsolicited email where the topic is related to coronavirus and your money and/or e.g. sudden access to your property is highly suspicious.
Every unsolicited email or phone call when someone offers you something for free (especially an email with an attachment) is highly suspicious.
Examples of suspicious topics:
Someone claims they can give you access to “the real truth about the coronavirus outbreak” or “learn more about the true scale of contamination”.
An unexpected email from the medical facility, e.g. “double-checking your personal details before the coronavirus-related appointment”.
An unexpected email from your bank with similar requests.
An unexpected email from a government organization (global, like WHO, NHS, CDC, etc. or local government), e.g. providing you with “additional funds” or asking for donation “to fight the virus”.
All types of email with information like: “click here to get the immediate cure from the virus”.
It may not be you, but your family member, friend or a business partner who has been hacked recently. So, if you receive an unexpected email from their address (the legitimate email address, perfectly well-known to you) with unusual questions or a call for action – do not do anything. Call them first and quickly rectify the situation.
Do not open any attachments from unsolicited or suspicious looking emails. Beware that hackers are improving their techniques every day and there are countless ways to transfer malware to your computer. Believe me, you do not know all of them. Do not assume you are safe because you know this-and-that about computers. There always could be someone smarter than you or who will simply use a new ingenious exploitation technique.
If you have any questions about cybersecurity – always ask someone who is proficient in this area. Do not be afraid to ask your corporate IT department about issues or incidents regarding your personal digital security. Quite often, this is exactly the way cyber-criminals infiltrate organizations: they start from hacking home computers of the personnel. Every incident of such kind must be carefully reviewed.
I believe that the existing situation is one more reason to double-check that you have a good understanding of the basic cybersecurity principles. If you know those principles - help others. Hope is not a strategy, and, in my opinion, never was. Do not act before you think, be wise and vigilant and always stay safe.
Learn more about how Spirent’scan help protect your business.