At a time when financial markets are in turmoil and people are panic buying, it should come as no surprise that cybercriminals are capitalising on the current climate. Mimicking COVID-19 content, scammers are preying on people’s vulnerability during the coronavirus pandemic through malicious emails, news and websites for the purpose of stealing money or personal information and creating further anxiety in the community.
Cybercriminals are relying on people to be distracted, concerned or motivated to obtain information about coronavirus and who are therefore less likely to notice errors or inconsistencies that they would usually pick up on. In this respect, we have compiled several different examples of current coronavirus-related scams that are targeting both businesses and individuals:
Fake websites and the spread of misinformation
Scammers have created fake news sites which often lead with sensational headlines, otherwise known as ‘click-bait.’ They are an easy lure as people search online to better understand the virus. These fake sites are usually riddled with malicious links. If you do see something of interest online, please check the site’s web address before clicking any article links. The same approach should be applied to unsolicited news-related emails and social media posts.
Websites have also been established to peddle bogus supplements, lotions, pills and other products which claim to boost immunity levels or even help cure those afflicted with the virus. These sites prey on those most vulnerable to the virus, particularly the elderly or those subject to health issues. For information about treatment we recommend checking with the Australian Government Department of Health or follow advice directed by your healthcare professional.
Phishing emails and malware tactics
Hackers across the world have set up phishing campaigns using coronavirus-based domain names. Phishing emails describe themselves as coming from centres of authority and offer advice in the form of attachments or through links which can install malware, steal personal information, or attempt to capture login and password credentials.
These emails are designed to deny users access to their systems and hold them ransom until an amount is paid. The World Health Organisation (WHO) is aware its brand is being used by scammers and recently published the following warning:
“Make sure the sender has an email address such as ‘email@example.com’. If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from WHO. WHO does not send email from addresses ending in ‘@who.com’, ‘@who.org’ or ‘@who-safety.org’ for example.”
Scammers are also taking advantage of people’s charitable spirit. Emails from dummy organisations and crowdfunding pages have been doing the rounds via email and social media. Many of these fake charities often ask for donations in the form of cryptocurrency or bitcoin payments. In these instances, always research the charity and its purpose before making any donation.
Cybersecurity in the workplace
Many businesses are considering or have already instituted ‘work from home’ policies to protect their people and minimise the spread of the virus. Aligned with this shift should be a reminder to employees that they have a responsibility to treat proprietary and customer data as both sensitive and confidential.
As businesses brace for uncertain times ahead, a security breach or ransom could become the straw that breaks the camel’s back. If your business is shifting to a remote workforce, we encourage you to remind staff of the following:
- The importance of security to the business, its devices and any associated policies
- The importance of a strong password
- The importance of diligence and double-checking of email sources, email trails, and account payment details
- The pitfalls associated with the use of public WiFi
- The types of software that can and can’t be downloaded offsite
- The process for accessing IT support from a remote location, and the steps to be taken when something goes wrong, or they suspect malicious content
Other considerations for businesses preparing for a remote workforce:
- Generate awareness through ongoing training or the dissemination of information related to phishing tactics
- Consideration of multi-factor authentication to improve security measures
- Ensuring that antivirus, anti-malware, patching is always up-to-date.
- Ongoing review of your systems logs and alerts given the significant changes in attack potential for your organisation.
Businesses will be experiencing an unprecedented amount of traffic accessing the network remotely through VPN’s (Virtual Private Networks) and multi-factor authentication. Accordingly, IT security teams should increase monitoring activities during the COVID-19 period. VPN’s should be patched regularly, and networks should be tested to ensure increased remote activities can be handled.
COVID-19 presents a range of challenges to businesses across Australia, however advancements in information technology means organisations can remain operational and nimble in the face of uncertainty. Keeping one eye on the pervasive cyber threat in the midst of this crisis is critical to ensuring ongoing success.
We are here to help. To learn more contact our Risk, Assurance and Consulting team at HLB Mann Judd Melbourne.
This article was co-authored by Kapil Kukreja.
Visit HLB Mann Judd’s COVID-19 Resource Centre for insights to help you and your business during this challenging time.