4 Steps to Avoid Cybercriminals Capitalizing on COVID-19March 19, 2020 - by Lars Daniel
With government powers and the attention of the world focused on the coronavirus pandemic, cybercriminals are presented with new opportunities for the exploitation of businesses around the globe with their own strain of virus.
While markets are concerned with the possibility of a pandemic-induced recession, cybercriminals are poised to have a record year as a vast amount of the global workforce will be, and many for the first time, working from home. Follow these four quick tips to help avoid cybercriminal attacks during this vulnerable time.
1. Increase Your Awareness of Phishing Emails
A phishing scam happens when a cybercriminal uses an email or text message to trick you into giving them your personal information, such as passwords or social security numbers. They then attempt to use this information to gain access to your bank, email, and other accounts, or sometimes even use the information they gain to scam someone else.
Keep an eye out for common tricks that scammers use, for example they may claim they’ve seen suspicious activity on your account, include a fake invoice, or offer you a phony coupon for updating your information. If you can’t tell outright if a message is a phishing scam, it is always good practice to pick up the phone and call the person or organization allegedly sending the email or text message.
If you suspect a message might be a phishing attack, it is helpful to ask yourself a few questions before proceeding.
- Do you have a relationship with the person sending the message?
- Do you have an account with the organization if the message is coming from a bank, credit card company, or other business
2. Keep Your Devices Updated
Though it always seems like your computer or phone wants to update at the most inconvenient time, it is important to get it done in a timely matter. These updates are often put in place to attack vectors that cybercriminals may be using to gain access to your data and ultimately keep your devices more secure.
3. Always Use Secure Internet Connections
Since many employees are working from home right now, there is no better time to ensure that your internet router is up to date on its antivirus protection and that your home Wi-Fi is password-protected and secured appropriately. Unprotected networks are a gateway for hackers to enter your system.
If you start to go stir crazy from being housebound, remember that if you go in public and connect to a wireless network, verify with the owner of the location that the network is actually theirs. Cyber criminals will create networks with names that will fool you into thinking that they are legitimate, and once you connect to them, they can gain control over your devices. While connected to a public Wi-Fi network, keep your internet activity to non-sensitive tasks and avoid accessing confidential or sensitive information.
4. Don’t Use Your Personal Devices for Work
Right now, it can be more tempting than ever to lounge on the couch and answer work emails from your personal tablet or laptop. However, when using personal devices, you increase the risk of intermingling personal and work-related documents and communication.
Your organization has no control over your personal devices, which means that it is likely the software and security are not up to par as they would be on company devices. This puts those intermingled work documents on your personal devices at even greater risk for exposure or theft. This is both a risky practice and a bad habit to develop.
Stay Safe During COVID-19
Everyone plays a part when it comes to keeping an organization safe from cybercriminals, regardless of what department or role you have. Your part might be identifying that phishing email and not clicking on the link, subverting a potentially very real threat. In many ways, this small act is just as important as all the hard work the information technology security staff at your company do. Let's work together to stay safe during these unprecedented times. Wash your hands and practice good cyber hygiene!
About the Author
Lars Daniel is a Practice Leader in the Digital Forensics Division, and holds 7 different certifications. He has provided forensic services to more than 600 criminal and civil cases, and appeared as an expert court witness for nearly 30 of those. He has co-authored two books: Digital Forensics for Legal Professionals, and Digital Forensics Trial Graphics: Teaching the Jury through Effective Use of Visuals, spoken at numerous industry conferences, and provides training throughout the U.S.