Six Tips for Keeping Your Employees and Operations Safe

Just when we thought our COVID-19 anxieties couldn’t reach a higher peak, cybercriminals are actively exploiting the pandemic using a variety of new scams.

And it’s no surprise. With uncertainties running high and a workforce collaborating online and working remotely, unfortunately, it’s an ideal scenario for cyber attacks.

For busy IT professionals already dealing with a surge of remote workers, this makes it even more challenging to enforce safe computing habits and close potential security gaps.

From fake tweets and phishing emails promising new insights into the virus, even cures, to counterfeit medical supplies or assistance funds, attackers are trying anything possible to encourage clicks, website visits, and downloads. In fact, data shows a 350% increase in phishing websites since the outbreak. Designed to steal personal and financial credentials, these malicious websites are offering everything from free Netflix subscriptions and safety masks to financial donations.

In the U.S., the Federal Bureau of Investigation (FBI) issued a recent public service announcement, warning of a rise in new attacks. The UK’s National Cyber Security Centre (NCSC) has also warned that attacks could increase and stepped up efforts to remove malicious phishing websites. CERT France, the French national government computer security incident response team, issued a warning about a new ransomware gang targeting local governments using a version of the Mespinoza ransomware strain, also known as Pisa ransomware.

Moving business forward, safely and securely, has become the cybersecurity challenge of the day.

Let’s take a look at a few of these cybercrime scams and ways to prevent attacks.

Stay alert for these COVID-19 cyber scams

• Industry-targeted attacks:  A far cry from the earlier promise by ransomware attackers to stay hands-off the healthcare industry until the crisis resolves, cybercriminals are once again targeting this sector as well as specific vertical markets. The scams play to the potential need for COVID-19 tips or support that are vital to businesses and organizations.  In addition to healthcare — medical testing facilities, manufacturers and suppliers, financial services companies, higher education, and public service agencies have been front and center in these attacks.
• Remote-worker scams: Since COVID-19’s outbreak, more people than ever before are working remotely to stay safely isolated — in fact, one survey showed 85% of companies say at least 50% of their employees are now remote. Unfortunately, this presents new targets for scams and attacks on employees spending much more time working and collaborating online.

Tips to keep your Employees and Operations Safe

While the volume of COVID-19 scams and attacks can cause even the most seasoned IT pro to feel overwhelmed. Never give up on educating users. Recognizing phishing tricks and fake websites are a key defense in preventing cyber attacks.

Here are a few best practices to share:

• Never click on links in unknown emails or open unfamiliar attachments. Typos and misspelled emails or unfamiliar email addresses are a few signs of scams. Even if you know the sender, always check its legitimacy first.
• For COVID-19 updates and news, be sure to check your sources and only refer to those with a good reputation for accuracy and verifiable facts.
• Avoid downloading and installing any software or apps specifically related to coronavirus (or any current news cycle topic).
• Always check website links for strange typos, added numbers, or anything that doesn’t seem right.
• Think about how the information is being shared with you. Facebook posts, WhatsApp chats, and Tweets can be written and doctored by just about anyone.
• Be aware of urgent requests for action or information, typos and misspelled emails, unfamiliar email addresses.