During a public crisis, hackers are more than ready to take advantage of the visceral fear that can be felt worldwide. The novel coronavirus is rapidly spreading and with it comes an increased spread of malware and phishing attacks cloaked as fabricated good causes. It’s important business owners are aware of these attacks and can educate their staff, especially if they will be working from home.
The US Cybersecurity and Infrastructure Security Agency (CISA) recently reacted to the pandemic by saying:
“Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment or hyperlink, and be wary of social media pleas, texts or calls related to COVID-19.”
Below we will breakdown potential coronavirus scams to avoid.
Coronavirus Phishing Scams
Any unsolicited email that encourages you to click on an attachment or enter personal information, should make you think twice. Unfortunately, these classic phishing schemes still lure innocent users into clicking on a malicious link or giving personal information daily.
With the spread of COVID-19, individuals are looking to donate and support causes that assist high-risk individuals and provide food to those in need. While many of these causes are safe to donate to, hackers have carefully crafted causes that look and feel legitimate, so when you click to donate you can easily be confused.
Organizations can take precautionary steps today to help protect their employees from these despicable attacks. CISA recommends employees turn off the option to automatically download email attachments. While not all email platforms provide this option, the majority will have this feature.
Social engineering attacks – scams designed for users to hand over sensitive information by extremely personal targeting tactics—have become a common occurrence during times of crisis. Businesses can prepare by reading up on how to avoid social engineering and phishing attacks.
As a good rule of thumb, never reveal personal or financial information in an email.
Coronavirus Charity Scams
During times of distress, the compassionate in our society step up and donate to charitable organizations that help alleviate suffering. Before we donate online, it is critical we take a few moments to research the organization we are donating to.
The Federal Trade Commission has a Charity Scams resource page that could save you heartache and your bank account from running dry. You can also review charity sites such as give.org or guidestar.org to review whether the charity is listed as a credible source.
Review Your Sources
There is a wide range of ways a scammer can display misinformation that can lure unsuspecting victims into a position of revealing comprising information. Facebook groups that offer COVID-19 cures, trending videos of self-proclaimed health experts sharing “best practices” to large audiences. While it can be difficult to sort through what is credible information and what is scam-baiting, there are a few techniques that can help you.
How Do You Avoid Being a Victim?
The best way to avoid being a victim is to educate yourself on the tips below:
Forty-three percent of attacks are aimed at SMBs, but only 14% are prepared to defend themselves (Accenture).
The three sectors with the biggest spending on cybersecurity are banking, manufacturing, and the central/federal government, accounting for 30% of overall spending (IDC).
More than 33 billion records will be stolen by cybercriminals by 2023, an increase of 175% from 2018.
The internal team was energized. With the Level 1 work off its plate, the team turned its attention to the work that fueled company growth and gave them job satisfaction.
40% of businesses will incorporate the anywhere operations model to accommodate the physical and digital experiences of both customers and employees (Techvera).
The cost of cybercrime is predicted to hit $10.5 trillion by 2025, according to the latest version of the Cisco/Cybersecurity Ventures “2022 Cybersecurity Almanac.”.
The average cost of a data breach in the United States is $8.64 million, which is the highest in the world, while the most expensive sector for data breach costs is the healthcare industry, with an average of $7.13 million (IBM).
It takes an average of 287 days for security teams to identify and contain a data breach, according to the “Cost of a Data Breach 2021” report released by IBM and Ponemon Institute.
We did a proof of concept that met every requirement that our customer might have. In fact, we saw a substantial improvement.
We did everything that we needed to do, financially speaking. We got our invoices out to customers, we deposited checks, all the things we needed to do to keep our business running, and our customers had no idea about the tragedy. It didn’t impact them at all.
“We believe our success is due to the strength of our team, the breadth of our services, our flexibility in responding to clients, and our focus on strategic support.”