There are always opportunists who will act quickly to exploit a major event for their own gain while threatening the safety of others. The COVID-19 pandemic is no different, with cyber criminals aiming to take advantage of the confusion, distraction and large-scale shift to remote work resulting from the pandemic.
The most common COVID-19-related cyber scams include the following:
- Phishing using COVID-19 as a lure.
- Malware distribution using COVID-19 as a lure.
- Registration of new domain names containing wording related to COVID-19.
- Increased attacks against new remote access and teleworking infrastructures.
Typically, scammers will attempt to impersonate a reliable entity. In the case of the COVID-19 pandemic, there have been reported cases of cyber attacks posing as the following:
- Government entities offering assistance.
- Internal IT or technical support teams providing support or cyber security tips.
- Health agencies providing safety resources.
- Organizational leadership issuing an alert.
- Non-profits seeking donations.
In many cases, phishing tactics are used in conjunction with imitation websites to further the ruse of legitimacy.
Fortunately, these attacks generally rely on the same basic social engineering methods as traditional cyber attacks—enticing users to carry out a specific action such as clicking a link or opening a file via manipulation and misinformation. As such, these attacks can be avoided through the following methods:
- Notify and educate users of the risks.
- Be wary of emails from unknown addresses.
- Do not divulge personal information to unknown entities.
- Use strong, unique passwords and usernames for each account.
- Reference multiple sources to avoid misinformation.
Here are Mumby Insurance, we can help you navigate these difficult times with expert guidance and advise. Contact us today for more information.