Cybercriminals and Coronavirus
We’re living in unprecedented times, folks. Sure, we’ve had virus outbreaks and catastrophic events occur in regions of our nation or parts of our global community. But I don’t recall an event in the digital age that has disrupted business and our economy as we’re witnessing with COVID-19.
While we’re busy trying to ensure the personal safety and well-being of our workforce, many businesses are challenged with social distancing, implementing technology and keeping business afloat with a remote workforce. This has really put a strain on our technology teams, our managed service providers and our cybersecurity teams. Rapidly moving a workforce remotely and doing so securely is a monumental task. The financial services industry is especially feeling these effects.
Cybercriminals have long taken advantage of these types of situations and even seasonal events like tax season or Black Friday to launch their attacks. What makes this event unique, however, is that the cybercriminals now have a vulnerable workforce that is using new technology, new applications and is no longer protected by just our corporate firewalls and security systems.
We do have the technology and security to allow our workforce to work remotely but, in many cases, we just haven’t had time to thoroughly test and verify. Cybercriminals are fully aware of this, which explains the exponential growth in their attacks.
COVID-19 is being used in a variety of malicious campaigns, including email spam, business email compromise, malware, ransomware and malicious domains. As the number of those afflicted continues to surge by the thousands, campaigns that use the disease as a lure likewise increase.
We’ve seen these attacks before, but their success rate is higher — higher because we now have chaos in our work environments and our workforce is under pressure to remain afloat. This pressure can lead to very simple mistakes, like clicking on the link, opening attachments from unknown sources or even known sources that had their emails compromised and visiting malicious sites.
We’re all trying to get as much current information on COVID-19 as we can. The cybercriminals understand this and have launched new domains — new websites that they use to host their malware and ask for credentials. Some claim to be COVID-19 tracking sites.
Since the start of January, when reports of the first outbreaks surfaced, more than 16,000 new Coronavirus-related domains have been registered. In the past week, more than 6,000 new domains appeared, an 85% jump from the previous week. Many of these are legitimate, but all it takes is visiting just one malicious site for trouble to ensue.
Some recommended best practices
- Increase communication with your workforce. Encourage teams to communicate among themselves. If something doesn’t look right, reach out to a peer or management to get a second look
- Be suspicious of every email you get regarding Coronavirus, especially if it is from an address you do not recognize or contains grammar and spelling mistakes. Also, avoid opening links or attachments from unknown sources; it is possible to hover the mouse cursor over hyperlinks to see where they actually lead.
- Avoid emails or advertisements that urge you to “act now.” This sense of urgency is meant to enhance the already induced panic of the situation to pressure people into making irrational decisions.
- Do not give money or personal information to websites or people you do not trust 100%. If you are approached, try to verify details and call back yourself via a number obtained from a difference source.
- Get your information from official sources (World Health Organization or the Center for Disease Control) and try to avoid unreliable sources, such as social media posts.
- If you wish to donate money to charity organizations, do this by searching for their official websites or phone numbers, and not through advertisements or when approached.
The Coronavirus shows no sign of disappearing anytime soon. Cybercriminals will continue trying to exploit the situation and create more attacks, using the methods mentioned above and in new ways as well. Remain as vigilant as possible to safeguard your business from getting hit. BE SAFE!