Do not get hacked in troubled times
16 March 2020 - Reading time: 4 minutes
We receive more and more information about the increased number of incidents when cyber-criminals are trying to use the current, challenging global situation with the coronavirus outbreak for their profit.
The number of email scams linked to coronavirus is high these days and probably will increase even more. The attacks could come not only by email (phishing) but also by phone (vishing). This is a well-known method of using deception to lure you into revealing personal, sensitive, or confidential information. Fraudsters can try to impersonate a person or legitimate business to scam innocent people. Typically, cyber-criminals use a tactic of scare and emotional manipulation (FUD: Fear, Uncertainty, Doubt) when they try to trick people into giving up their precious information.
Cyber criminals are targeting individuals but also companies, so it is very important to stay vigilant. Here are a few quick recommendations about how to protect you, your family and your business.
- Always be suspicious when you receive an unexpected email or phone call of any kind, especially if someone asks you for some action, e.g. click the link or return the call. The link can lead to malware or an attempt to steal your data and the number you will dial could lead to additional charges.
- Every unsolicited email where the topic is related to coronavirus and your money and/or e.g. sudden access to your property is highly suspicious.
- Every unsolicited email or phone call when someone offers you something for free (especially an email with an attachment) is highly suspicious.
Examples of suspicious topics:
- Someone claims they can give you access to “the real truth about the coronavirus outbreak” or “learn more about the true scale of contamination”.
- An unexpected email from the medical facility, e.g. “double-checking your personal details before the coronavirus-related appointment”.
- An unexpected email from your bank with similar requests.
- An unexpected email from a government organisation (global, like WHO, NHS, CDC, etc. or local government), e.g. providing you with “additional funds” or asking for donation “to fight the virus”.
- All types of stupid emails with information like: “click here to get the immediate cure from the virus”.
- It may not be you, but your family member, friend or business partner who has been hacked recently. So, if you receive an unexpected email from their address (the legitimate email address, perfectly well-known to you) with untypical questions or a call for action – do not do anything. Call them first and quickly rectify the situation.
- Do not open any attachments from unsolicited or suspiciously looking emails. Beware that hackers are improving their techniques every day and there are countless ways to transfer malware to your computer. Believe me, you do not know all of them. Do not assume you are safe because you know this-and-that about computers. There always could be someone smarter than you or who will simply use a new ingenious exploitation technique.
- If you have any questions about cybersecurity – always ask someone who is proficient in this area. Do not be afraid to ask your corporate IT department about issues or incidents with your personal digital security. Quite often, this is exactly the way cyber-criminals infiltrate organisations: they start from hacking the home computers of the personnel. Every incident of such kind must be carefully reviewed.
I believe that the existing situation is one more reason to double-check that you have a good understanding of the basic cybersecurity principles. If you know those principles - help others. Hope is not a strategy, and, in my opinion, never was. Do not act before you think, be wise and vigilant and always stay safe.