COVID-19 outbreak: How to avoid cyber criminals taking advantage

We have been overrun these past few months with everything Coronavirus, COVID-19-related, and with it, a near-constant stream of information and disinformation sent to us/available from/on every platform known and used by man.

The world has gone a little crazy.

The problem here – besides the fear, panic and already crippling, economic ripple-effects from the virus itself – are the opportunistic cyber criminals who revel in exploiting this fear and chaos in order to steal money and compromise businesses. 

Three cyber security issues to watch out for especially at present:

1. Fake Websites: These fake coronavirus-related websites offer a “cure” to the virus. Such cures can consist of natural and pharmaceutical remedies, vaccines, testing kits, and other bogus health solutions. The key to determine if a website is fake is to check: 

  1. Does the website have a secure connection with a padlock icon? The vast majority of malicious websites being used by criminals these days do have security certificates, however if a website has no padlock icon in the URL it is definitely one to avoid!

  2. Are these websites offering in-demand items at extremely low costs? These malicious actors could be trying to steal credit card information and install malware. As the saying goes, if it sounds too good to be true, it probably is.

  3. Carefully read over the verbiage on the website. Most fake websites are poorly written. Identifying this trait early on can help determine a website’s legitimacy.

2. Spoofing Government and Health Care Organisations: Hackers are already impersonating the UN’s health agency in an effort to carry out a variety of scams, from account takeovers to phoney donation requests and the spread of malware.

The Federal Trade Commission (FTC) is also warning of spoofed emails, text messages, and phone calls that claim to be from the Centres for Disease Control (CDC). Watch out for coronavirus-related phishing emails, smishing (text message phishing), and phone fraud scams over the coming weeks. These scams will focus on our insecurities about how the virus is spreading. The scams could be fake health agency warnings about infections in your local area, vaccine and treatment offers, and alerts about critical supply shortages.

These contact points can be highly convincing due to cyber criminals using professional phishing kits like perfectly matched logos and email formats of legitimate organisations. In addition hackers will incorporate “combosquatting” and “typosquatting” tactics to fool users into thinking the link is legitimate. One example of typosquatting is when an attacker uses popular domains that are misspelled incorrectly but look like real a domain name. For example, faecbook.com or wellsfagro.com. Combosquatting and typosquatting have similar tactics used to fool users, however, the domain name is appended with -security. For example, wellsfargo-security.com or security-chase.com. Notice the domains are not misspelled but prepended or appended with the word security.

3. Social Media: Social media users need to be wary when scrolling through their timeline or clicking on links unwitting family members may forward. Two specific scams that are likely to play off of the current coronavirus situation are fake fundraising and investment scams.

Fundraising hackers will use stories and images of real people to tap into your limbic system – the emotional part of your brain. Notably, these scammers will utilise legitimate fundraising platforms like GoFundMe to collect donations. Be cautious of any individuals asking for donations.

The second threat for coronavirus-related scams deals with investments. As the Securities and Exchange Commission (SEC) recently warned, criminals will use social media to promote microcap stocks which they claim have a product or service that can help prevent or treat coronavirus. These are pump-and-dump scams that could cost investors lots of money. Be sure to perform some research. A quick search will help clear any cloudiness about the proposed investment.

Our handy infographic summarises three things to look out for… share amongst your friends, family and colleagues to better protect against cyber crime.


Check out our recent post on creating a more cyber secure home environment whilst setting up / working from your home office.

And check out how to keep the kids safe online if they’re using their devices more than normal during these challenging times. 



CybACADEMY courses powered by GoldPhish® educates users on the cyber risk and helps build a more secure organisation with awareness training.

Want more information on products and services provided by GoldPhish email info@goldphish.com





Recent Posts

  1. Create a Cyber Secure Environment when Working from Home

  2. Cameras and Microphones | Are you being watched?

  3. Online Gaming and Cyber Crime – are you playing, or being played?

  4. What your favourite brands know about you!

  5. Ransomware – To pay or not to pay?


Recent Comments

  1. Falling Victim to Credit Card Fraud | GoldPhish on Your home is your castle – is it time to raise your cyber drawbridge?

  2. https://muado.infoon Is it time to Power up your Password Security?

  3. socks5 txt on To Fish or not to Phish?

  4. steve davidson on On a mission to protect smaller businesses with Free cybersecurity awareness training

  5. shekhar arora on Your home is your castle – is it time to raise your cyber drawbridge?


Archives

  1. March 2020

  2. February 2020

  3. November 2019

  4. September 2019

  5. July 2019

  6. June 2019

  7. April 2019

  8. March 2019

  9. February 2019

  10. January 2019

  11. December 2018

  12. November 2018

  13. October 2018

  14. September 2018

  15. August 2018

  16. July 2018

  17. June 2018

  18. May 2018

  19. April 2018

  20. March 2018

  21. January 2018

  22. December 2017

  23. November 2017

  24. October 2017

  25. September 2017


Categories

  1. Access Control

  2. BEC scams

  3. Becybaware

  4. blackmail

  5. Blockchain

  6. Blog

  7. Cameras and Microphones

  8. Cloud Security

  9. Computer Virus

  10. CybACADEMY FREE 100

  11. Cyber Insurance

  12. Cyber Safe

  13. Cyber Safety at Home

  14. Cybersecurity

  15. Data Protection

  16. Data sharing

  17. Fraud

  18. GDPR

  19. Geolocation

  20. Identity Theft

  21. Kids & Digital

  22. Kids & Tech

  23. Malicious Software

  24. Malware

  25. Online dating scams

  26. Online gaming

  27. Phishing

  28. POPI

  29. Ransomware

  30. Sextortion

  31. SIM Swap Scam

  32. Small business

  33. Smart Phone Security

  34. Social Engineering

  35. Social Media

  36. The Internet of Things

  37. Uncategorized

  38. User Awareness

  39. Water hole attack

  40. Webcam


Meta

  1. Site Admin

  2. Log out

  3. Entries feed

  4. Comments feed

  5. WordPress.org

#awarenesstraining #cybersafetyathome #publicwifi #cybersecurity #becybaware #cyber #cyberrisk #cybersafety #passwordsecurity #cybercrime

LINKS
GOLDPHISH

info@goldphish.com

 

Offices in

South Africa

United Kingdom

SOCIAL
  • LinkedIn
  • Twitter

CYBER SECURITY AWARENESS

© GOLDPHISH LTD. All rights reserved.