As the coronavirus spreads around the globe, unfortunately so do cyber-criminal attacks. Cyber criminals see this as a golden opportunity to capitalize. Hackers leverage the panic, confusion, and misinformation to transmit malware, breach computer networks, set up malicious websites, and launch social engineering attacks.
Early on in the coronavirus pandemic, the Cybersecurity and Infrastructure Security Agency (CISA), part of the U.S. Department of Homeland Security, offered a warning to the public to be vigilant about scams related to COVID-19 (here).
CISA offered specific guidelines for individuals to avoid being scammed online:
- Avoid clicking links from unsolicited emails and be wary of email attachments.
- Use trusted sources when looking for factual information on COVID-19, such as cdc.gov.
- Never give out personal or financial information via email,http://www.cdc.gov even if the sender seems legitimate.
- Never respond to emails soliciting personal or financial information.
- Verify a charity’s authenticity before making any donations.
In addition, a pandemic is the perfect recipe for social engineering and phishing attacks. The CISA provides a detailed Security Tip on Avoiding Social Engineering and Phishing Attacks.
Here is a prime example: The WHO published an alert last month – available here – warning that hackers are posing as the agency to steal money and sensitive information from the public.
So, what can YOU do?
The best advice I can give is simple. Don’t trust, and verify! Follow the tips provided by the CISA listed here. Always remember that, in cyber space, it may look like a duck and walk like a duck but sometimes… it’s a rat in a duck suit! Be careful out there!