As the coronavirus dominates global headlines, organizations should be aware of cyber threats beginning to emerge with the growth of the healthcare pandemic. Businesses that allow employees to work from home should enforce the proper cybersecurity policies for their operations.
Spreading of the coronavirus (COVID-19) is helping to fuel a rise in cybercrime associated with the disease & creating an opportunity for online threats to succeed. The global nature of the infection has enabled the type of environment in which panic and fear are manipulated by cybercriminals who are skilled in taking advantage of these types of scenarios. As more people are affected by coronavirus, it is critical to be aware of how impactful a global outbreak can be when it relates to online scams & phishing attacks.
Phishing Email Scams
It is not uncommon for the cybercrime community to take advantage of problematic times and create sinister opportunities for their advantage. The Federal Trade Commission warns of phony donation schemes that can be leveraged by crooks during a healthcare outbreak such as coronavirus. These times of crisis can flood the internet with fraudulent resources & aggressive phishing campaigns that are far-reaching and significant in financial losses. The World Health Organization (WHO) posted a notice that brings to light phishing attacks pretending to be officials from WHO sharing medical information with the global health community. These documents & attachments contain malware and should be avoided at all costs.
A research report from Check Point security discovered that 4,000 coronavirus-related website domains had been registered since January 2020. No credentials or accolades are needed to register a website domain containing the phrase ‘coronavirus’ or verbatim. Many of these websites have malicious intentions as they will try and lure you to donate or provide other personal information to a campaign.
Reduce Your Risks of Phishing & Extortion
Take the time to educate yourself & others about phishing campaigns during a medical outbreak such as coronavirus. You may begin to receive emails asking for charitable donations to medical funds or other contributions to be made in the form of online payments. Take preventative action and research the organization who is reaching out and validate their processes. Think critically and don’t start clicking on links from these suspicious messages, even with the best of intentions. Check the validity of incoming messages and examine the domain & other credentials included in the email message.
The medical industry will feel the lasting effects of coronavirus-related phishing campaigns and extortion based attempts to spread malware & other malicious activity. Products & websites claiming to have a cure for the coronavirus have already been identified by the Better Business Bureau and more scams are suspected to arise.
Working From Home
As businesses face decisions about whether to have their workforce come into the office or work from home, employers should consider their cybersecurity policies relating to remote work. Businesses should understand the risks associated with remote workers and their impact. Organizations should make sure they have an incident response plan in place so they are prepared to respond to cyber threats. If you’re a business that usually does not allow employees to work from remote locations, this is a great time to implement these cybersecurity policies & procedures.
Securing Your Remote Workers
Use a VPN
A Virtual Private Network (VPN) can be utilized to keep your IP address & location information safe from cyber threats. Using a VPN is a secure way to transport data across your company network. If you are connecting from a public WiFi network, it is essential to connect through a VPN. Bonus tip: Set the encryption level to at least 256 bit for increased security.
Two Factor Authentication
Before employees are allowed to work remotely, ensure they have two-factor authentication enabled on their email accounts & other access portals where available. This extra security layer will require an additional credential (beyond a single-password) to gain access to email and your business data. This is effective to prevent unauthorized users from using your computer or logging in from a remote location using a previously stolen password.
Report Coronavirus Scams
As part of a communal effort to deter cybercrime in the wake of the coronavirus, we encourage businesses & organizations to report scams and phishing attacks they may be experiencing. Reporting cyber crimes helps our government agencies better deliver resources and awareness so that other organizations can steer safe from these scams. If you are suspicious of a cyber scam relating to the coronavirus disease, it should be reported using the official Federal Trade Commission Complaint Assistant.
Proven Data Can Help Your Remote Workforce
Stay In The Loop
Sign up to stay current with the Cyber Security landscape, data recovery.