Cybercriminals are working overtime and are taking advantage of the heightened anxiety and fear most of us are dealing with right now due to the Coronavirus pandemic. It’s easy to get distracted from staying vigilant about your tech security when you’re worried about your workplace and family.
We continue to learn of more schemes and will keep a running list of them here.
- Fake invoices are being sent for “purchases” of sanitizing equipment and masks, with the intent of tricking accounts payable into sending a check
- Attacks against recently (and sometimes haphazardly) deployed remote working infrastructures
- Solicitations for charitable donations to organizations that claim to be fighting the coronavirus
- Malicious emails posing to come from healthcare providers stating the recipient has been exposed to coronavirus and need to be tested. The email instructs the recipient to download an attachment to complete and take to the nearest emergency clinic for testing. What the recipient doesn’t realize is that the attachment contains malicious code that installs malware onto the computer and gives the cybercriminal control of the device.
- Facebook is presenting numerous opportunities for cybercriminals to gain access to information. Facebook users have a lot more time on their hands and are taking surveys and sharing senior photos and lists of cars they’ve owned. Think about it…what are the typical security questions on the various online accounts you’ve set up? Your favorite vacation spot, your first car, your birthplace, your high school…all of which are pieces of information being shared to the world via Facebook. Cybercriminals use that data for social engineering attempts, through which they may hack into one of your accounts or convince you to unknowingly send them money.
- Messages sent through texting or other platforms (i.e. WhatsApp, Facebook Messenger) touting availability of relief funds, with a link to apply. Clicking the link opens a fake webpage which requests banking info for the deposit of funds.
It’s possible to fall victim to these scams when you’re focused on more pressing priorities. Read more about the scams and how to protect yourself at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s website.
This content was created during a snapshot in time and should be relied upon as such. Legislation and guidance continue to change as we progress through the current fluid environment and the information may not be applicable at a later date. All content and materials are for general information purposes only. If you have questions regarding your specific situation, please contact us.