Skip to content
Click Here to Watch the Webinar
A vital measure in slowing the spread of COVID-19 is social distancing. This resulted in IT teams working feverishly to build work-from-home setups for entire companies. Now millions of people all over the world are suddenly working remotely from their homes, which has created the largest global remote workforce ever.
Moving these millions of employees, their computers, and their data from a secure office environment to the home office with minimal notice is presenting tremendous data security risks, including simple technical glitches, accidental human error, and a large uptick in malicious cyber-attacks.
The exploitation by cyber criminals of the current COVID-19 global pandemic is growing by the day. These cyber criminals are targeting individuals, small and medium enterprises, and large organizations with COVID-19 related scams and phishing emails. Individuals and organizations should remain alert to this ever increasing activities and take proactive steps to protect themselves.
You’ll be surprised the things you can do to better secure your data! Malicious cyber actors rely on basic social engineering methods to entice users to carry out a specific action. These bad actors are now taking advantage of your curiosity and concern around the COVID-19 pandemic and will persuade potential victims to react. The following is on the rise and we suggest you stay educated.
Have you been receiving emails with subject lines that contain COVID-19-related phrases such as “Coronavirus Update” or “Coronavirus outbreak in your city (Emergency)”? Many times, to create the impression of authenticity, malicious cyber actors will spoof sender information in an email to make it appear to come from a known trustworthy source. These emails often contain calls to action, encouraging a victim to visit a website where malicious cyber criminals steal valuable data, such as usernames and passwords, credit card information, and other personal information. How is it happening? Curiosity has you clicking on a link or downloading an app that may lead to a phishing website, or the downloading of malware.
Most phishing attempts come by email but there are ways to carry out phishing, including text messages (SMS). SMS phishing is often used when finances are involved especially with government payments and rebates. Coronavirus-related SMS phishing will continue to increase, particularly in light of the economic impact of the epidemic and governments employment and financial support packages.
Ransomware is still one of the biggest cyber threats out there. It is destructive and it encrypts ALL your data and locks you out. You will then be asked for a ransom so you can get the decryption key to get YOUR data back. To protect yourself and your organization against ransomware be sure to do frequent data backups in multiple locations, don’t keep vital information only on one computer, NEVER access .zip attachments in e-mails from unknown senders. Don’t click links in e-mails from any unknown senders. Please keep your operating system and all your apps up to date and use a reliable antivirus.
And yes, you still need antivirus (yes, really) – get protection for your connection! Paid is better than free. Antivirus is still very necessary, so don’t skip it or even skimp on it. Westelcom recommends you try a free trial here: https://shieldly.com/westelcom/
Don’t forget your smartphone security! With so much sensitive data on it you should be doing everything you can to keep it safe. These few basic steps make your device much more secure. Turn on your screen lock and use it at all times. Encrypt confidential information and turnoff your Wi-Fi and Bluetooth off when you don’t use them. Make sure you check permissions before installing any app and stay away from the rogue ones. Last but not least – back up your data
Don’t ever say “it can’t happen to me.” In addition to being careful about which websites you go to, what about Facebook? Cyber criminals will often create fake profiles to befriend you. The ultimate goal is to get you to leak confidential data to them (either about you or the company you work for). Be careful of the friend requests you accept. Trust no Facebook friend (unless you know them in real life and you’re absolutely, positively sure they can be trusted). And stop playing the games and answering and forwarding the “chain letters”. Each time you participate you are giving up more personal information. The same information you use to answer your challenge questions. Think about it!
These bad actors are on LinkedIn too. Who is that new connection request? Is that really a recruiter or an attacker in disguise? Cyber criminals often create fake LinkedIn profiles to gain access to details about you that they can use later. They collect data about your studies, names of employers and connections, etc. Before you connect check out their profiles and look for these warning signs: too little, generic info, picture that looks like stock photography, very few connections.
You need to be realistic about your online presence and understand that you’re an attractive target for cyber criminals. We all have money (doesn’t matter how much), data (usernames, passwords, documents, emails, etc.) or a place of work, so you’re going to be targeted.
-Your Westelcom Fam