Today, cybercriminals are increasingly taking advantage of the COVID-19 outbreak to exploit the vulnerable in the vastly ungoverned cyberspace, leading to a transnational threat. Much like the coronavirus, cybercrime doesn’t discriminate. What are some of the biggest cyber threats related to the coronavirus pandemic? How can you keep yourself, your organization, your co-workers and families secure online?
Phishing and Social Engineering Scams
According to security experts at Norton, cybercriminals are increasingly sending coronavirus-themed phishing emails designed to resemble reputable organizations such as the US Centers for Disease Control (CDC) or the World Health Organization (WHO). A phishing email is a type of social engineering scam, defined by the Department of Homeland Security as an attack that uses “email or malicious websites to solicit personal information by posing as a trustworthy organization.” Some phishing emails even offer health advice on how to protect yourself against the coronavirus from so-called health-care professionals.
Even though we intuitively know that legitimate information about the coronavirus can be found directly at reliable sources such as the National Institutes for Health and the WHO, it’s worth knowing how to recognize phishing emails and social engineering scams, so as to properly avoid them. Here are some tips to do just that:
1. Avoid clicking links in emails or opening email attachments in random or junk emails.
2. Only use trusted sources for information on COVID-19.
3. Don’t respond to random or junk emails.
4. Don’t share personal or financial information if prompted to do so.
5. And don’t make donations to charities without first verifying the charity.
We all know that misinformation is rampant during this time. As Alex Guirakhoo writes on Digital Shadows, social media and messaging platforms have been instrumental in spreading misinformation, creating fear and panic, and, in some cases, inciting xenophobia and racism. With this in mind, there is no better time than now to discuss how to check sources with your family — especially kids and teens — as well as learn about general online safety when it comes to social media.
To avoid exposure to misinformation about COVID-19 in particular, and to ensure the authenticity of sources of information, it is best to sign up for online broadcasts from reputable organizations. For instance, the WHO has partnered with Rakuten Viber to “reach over 1 billion people in their local language directly through their mobile phones” with legitimate information about the pandemic — all you need to do is subscribe to the WHO Viber chatbot.
The global shortage of health-care equipment like face masks and hand sanitizer has resulted in a strain on manufacturers globally while creating a market for counterfeit goods. Even though The Federal Trade Commission (FTC) has confirmed that there are no legitimate products that can cure or prevent the contraction of COVID-19 directly, fake treatments and self-testing kits have become popular products sold by cybercriminals, feeding on the widespread misinformation and mass hysteria that is rampant among the general public. Follow these basic tips to identify illegitimate online sellers:
1. Check the URL domain and look for HTTPS, not just HTTP.
2. Check for spelling errors in the URL.
3. Check the URL domain: Subdomains of reputable sellers generally don’t have elaborate web addresses.
4. Check if the website has contact information or an “About Us” page.
5. Look for reviews of the product.
6. Don’t purchase products via social media ads or Facebook pages.
Cybersecurity at Every Level
The COVID-19 pandemic has forced many employees to work from home, with many companies adopting remote-working policies. Thus, it is imperative that employees follow strict cybersecurity protocols so as to ensure that business or consumer-related sensitive data isn’t compromised during this time. Key factors to ensure safe remote working include securing networks, only allowing for limited access to company resources on personal devices, continued cybersecurity training for employees and having a crisis management plan in place in the event of a hack.
At this time, cybersecurity is also a pressing concern for government organizations. The quickness with which cyberattackers have turned COVID-19 into a cyberweapon of sorts is only proof that governments need to stay vigilant and not leave their databases vulnerable. This is especially important at a time when staffing at all organizations — government or not — is reduced, and an increasing number of people are parting with sensitive information as they get tested for coronavirus.
The COVID-19 pandemic presents cybercriminals with the perfect platform to access government networks and steal information. Considering these cybercrime opportunities, it is vital that government organizations urgently enlist cybersecurity experts to secure themselves against what could be total devastation. Cybersecurity experts who are well-versed in advanced digital safety measures are essential for the protection of government bodies and citizens alike in this uncertain time.
As COVID-19 spreads across the globe, it’s no surprise that cybersecurity concerns take a backseat. Unfortunately, the virus is not exempt from people using this catastrophe to further exploit the vulnerable via scams and misinformation that plague the internet today. It is, therefore, better to be aware of cybersecurity concerns around COVID-19 and how you can best protect yourself from these threats.
The views expressed in this article are the author’s own and do not necessarily reflect Fair Observer’s editorial policy.