You can count on cyber thieves to take advantage of a crisis, like the novel coronavirus (COVID-19). Our threat research team discovered cybercriminals taking advantage of the news cycle, including using logos from trusted sources like the World Health Organization (W.H.O.) in phishing emails and hiding malware in COVID-19 online trackers.
Now is the time to remain vigilant when opening emails and clicking links. Here are a few best practices you should consider so you don’t fall victim to a COVID19-themed phishing scam or ransomware attack.
Beware of COVID19-themed emails from unknown senders. Cyberthieves have already begun sending out malicious emails disguised as public service announcements. Make sure you closely inspect the sender details and email address in the From line of your emails. Avoid clicking on any attachment unless you’re absolutely sure who sent it.
Be suspicious of requests for personal or financial information. Watch out for urgent requests for personal or financial account information. Attempt to verify the sender, by phone if possible, before you send, confirm or update account information.
Beware of suspicious links. Cyberthieves may try to use COVID19-themed links to deploy malicious code onto your device. Inspect the URL for any links before you click on them. Make sure links are directing you to reputable sources. Better yet, type the URL directly into your browser.
COVID-19 is already causing enough disruption in our daily lives and routines. The last thing anyone needs is to fall victim to a phishing scam or ransomware attack. As a remote worker, continue to use caution when opening emails and browsing the internet. As an IT organization, ensure all the endpoint devices are being backed up now that employees are remote and not on the corporate network.