It’s the Covid-19 virus that’s on everyone’s lips at the moment. Covid-19 is fast taking on the proportions of a worldwide pandemic. We’re learning quickly what the potential implications are. In this post, we’ll look at a consequence that you probably didn’t think of – Covid-19 is making it easier for cybercriminals to engineer new cyber attacks.
Why Covid-19 Poses a Risk to Cybersecurity?
There’s a lot of panic out there at the moment. We’ve got a lot of people playing out doomsday scenarios in their heads. Now, intellectually, we understand that the virus is not deadly to most. And, let’s be honest, if it hasn’t hit your country yet, you’re probably not concerned.
I know, because I wasn’t concerned either. Then the first case in the country was diagnosed 15 minutes from where I live, and I started feeling differently.
Why am I telling you this?
I’m hyperrational at most times. I understand that Covid-19 is unlikely to kill me, but I want every scrap of information possible. I know that the World Health Organization is the best source. Had I received an email such as the one below, I probably would have clicked on the link.
Phishers Will Use the Crisis to Play on Your Emotions
Considering that I know far better than to click on links in an email, that’s saying a lot. And that’s what makes this current crisis so dangerous. We’re so desperate for information that we’re distracted.
Source: LinkedIn
Now, fair enough, that screen with the “Verify Your Email” looks dodgy. I wouldn’t have completed that step. But if the phisher were clever, they’d load up the fake site with malware. Then it wouldn’t matter either way.
Ask yourself a question – if you received this email, what you do? What would someone who wasn’t very tech-savvy do? You already know the answer.
Many people would’ve been fooled. The email looks pretty convincing. Would you be fooled? Would you stop to think, “Hey, why would the World Health Organization send this to me?” Maybe under normal circumstances, you would. With the current epidemic, though, you might also think it was serendipitous.
Now let’s shake things up a bit.
You might not have fallen for a random letter from the WHO. What about a similar message from your CEO? Or an SMS? Phishers can impersonate anyone they want to. They did so for 60% of business in 2019. If you’re too distracted to remember proper safety protocols, you could become a victim.
The Upsurge in Remote Work Could Put Businesses at Risk
Health officials have advised companies to allow workers to work remotely in affected areas. It’s a good strategy – minimizing contact is one of the best ways to prevent the spread of the virus.
The question is whether or not the company’s internal security systems can handle remote workers. If employees are using their own devices, how secure are they?
Where are the employees working from? We assume that they’re working from home, but what if they’re on an unsecured Wi-Fi network?
Your internal network procedures do little to secure devices outside of that network.
What Do We Do?
Your best defense against phishers is vigilance. Check the email addresses of everything that lands in your inbox. Don’t click on any links within emails. Navigate to the site that you know and trust instead and see what information is there. When in doubt, call the sender from numbers you already have on file to confirm.
Final Notes
In times of crisis, there are always those who swoop in to take advantage. The digital age has added a new element to crisis management. Understanding how these vultures operate is the first step. From then on, it’s a case of not letting our emotions get the better of us.
Related Articles