COVID-19 is not the only virus associated with the global outbreak. As predictably as night follows day, cybercriminals are using the epidemic as the moment to attack.
While phishing attacks and other forms of social engineering involving remote devices and remote access to company information systems have been a top cybersecurity challenge for years now, the increasing number of coronavirus-based phishing emails is especially nefarious as they prey on the health concerns of the public.
The Attacker Mentality
Most companies are in some sort of varied chaos due to the pandemic, from disaster recovery efforts to struggles with business continuity—the perfect setting for cybercriminals to sneak in. With the majority of enabled workforces moving remote, network traffic is coming from all over the map and IT teams are flooded with making the work from home transition possible. What better time to hide attacks in this varied onslaught of “new” traffic?
In addition, it is only human for individuals to want the latest information on the coronavirus making them all more likely to click on the attacker’s bait. What better place to put an attack then under the guise of “Pandemic Details?”
Cybercriminals aren’t under quarantine and are actively taking these unprecedented times as opportunities to strike.
New Risks from Multiple Angles
Warnings have been sent regarding phishing emails mentioning the coronavirus or COVID-19 outbreak falsely originating from business partners or public health institutions, but as we saw above, many normal cautionary measures are being ignored in the search for more information regarding the outbreak. Phishing emails appearing to be related to remote work or emergency planning are also becoming a popular method to collect employee user names and passwords. Fake Centers for Disease Control and Prevention (CDC) emails or other “official” communications are an especially malicious method to tempt users into opening and infecting their IT systems.
Phishing and social-engineering campaigns using COVID-19 as a lure have greatly increased. According to a recent report, more than 16,000 new coronavirus-related domains have been registered since January. More than 2,200 of them are suspicious and another 93 are being used to serve malware.
Other activities targeting coronavirus fears include fraudulent or spoofed purchase orders for hand sanitizer that can lead to payments or other protective equipment that can result in wire transfers to fraudulent accounts.
Feeding off the public’s ever-growing, legitimate concern over COVID-19, cybercriminals are taking advantage of every avenue for attack, making protecting data and systems a multi-faceted effort.
Your First Defense: Be Aware
Protecting businesses and individuals from potential attacks hiding in plain sight starts with awareness of the heightened risks in their varied forms.
Be careful and take your time to check for phishing attempts in email before opening or clicking. Look closely at who the sender is, scrutinize the subject lines and email content for red flags (example: is it an outlandish claim or obvious scare tactic?), hover over and review links before you click, doubt check links or URLs, and use trusted sources.
Keep confidential information confidential. This means credentials, credit card information, or sensitive data – yours, your company’s, and clients. If you receive a request for username and password, always be sure to check with your IT lead.
When shopping online, use the same method you would checking for phishing emails to vet out any potential fraudulence—double check sellers and product claims, find trusted sources and verifiable reviews, and read all the fine print before handing over any personal information.
Even all the best defense tools and systems still require diligence for the human eye to stay on top of the latest threats as cybercriminals will continue to find new, inventive ways to strike as the crisis continues.
Stay vigilant—cybersecurity is not immune to the remote work risks from COVID-19.
Committing to your business’s IT security shouldn’t only be a priority during an unprecedented event, like the COVID-19 pandemic. Making sure your infrastructure, mission-critical application, data, and employees are protected is a 24/7/365 job—and managed security partners like Ntirety can help take that burden off your internal IT team and your entire company peace of mind.