Situational Awareness: Cyber Threats Heightened by COVID-19 and How to Protect Against Them
Several states started issuing shelter-in-place directives, which basically stated that people should stay in their homes and avoid going outside whenever possible. One of the main reasons people leave their house is to go to work. In order to comply with state mandated directives, businesses all over the country have transitioned to a work from home plan where employees do not come into a physical office, but are still able to get work done from the comfort of their homes. Other businesses are not able to provide this luxury and have been forced to close their doors. This new way of life has introduced new cyber threat vectors because many people and businesses are not used to taking their technology home to perform work which contains sensitive information.
One of the easiest ways to social engineer people is through the art of phishing. During these challenging times, when people are looking to get more information on what is going on with the world, it has become far too simple to deploy a phishing attack. People everywhere are curious about how COVID-19 is going to impact their work, business, mortgage, and school. People everywhere are getting hundreds of emails with more information about how COVID-19 is impacting their sector. As such, sending out a phishing email with the promise of providing some sort of COVID-19 coverage is making it easier for attackers to trick people into clicking on their link.
It is so easy to get caught up in the moment that you forget to check for some basic common sense items. There are going to be a lot of phishing campaigns that are going to try to take advantage of the fact that people are waiting to hear information from banks, credit lenders, schools, and businesses. Other types of news people might be looking for are those related to containment of the virus, or the spread. In any case, it is extremely important to remain vigilant and be on the look out for phishing emails that try to steal your personal information. What exactly is a phishing email and how do you protect yourself against it? A phishing email is an email that tries to look legit but it is actually trying to steal your personal information. There are many common sense steps you can take to protect yourself. The following are a few basic tips that should help you weed out the bad emails and hopefully just find the valid emails.
First big tip is to check the sender! Oftentimes, these phishing emails come from bogus emails that are blatantly obvious. That is not always the case, but for the most part, there is mostly always something fishy about the sender’s email address that does not quite add up to the original from a trusted sender. The next major thing to check for is the body of the email. Most, if not all senders state they will never ask you for credentials or other sensitive information over an email. When you get a phishing email asking you to sign into something, that should be a huge red flag. Do not log in using the link in the email. Lastly, check for other anomalies in an email. Just because we are always in a rush, does not mean we should not pay attention to places where we put in our sensitive information. If the logo looks weird, things are misspelled, any other strange things, please do not click on the link. Stay safe out there and make sure you check for trusted sources when trying to find out what’s going with COVID-19.