Phishing emails and attacks in the age of COVID-19

Latest phishing scams use pandemic to steal personal data

Cyber criminals are leveraging COVID-19 to send malicious emails impersonating government officials to harvest personal and company data. These attacks often come in the form of an email about COVID-19 testing, stimulus checks/unemployment insurance, antibody testing, false treatments, charities, contact tracing or even grocery delivery services. These scams are so prevalent they have led to warnings about the trend from governments across the globe as well as well as the CDC and the Federal Bureau of Investigation.

COVID-19 and the cybercrime opportunists

Why are these phishing emails and other scams particularly effective? Scammers know the general public are interested in all things related to corona virus, such as antibody tests, virus tests, vaccines and much more, and they also know some individuals may be easy targets for phishing emails promising services or miracle cures. These criminals leverage those vulnerabilities to gather personal data such as birth dates, social security numbers, insurance information, financial information and more, all which could be used to clean out your accounts, steal from your clients, steal your identity or even conduct insurance fraud. Emails may contain links or malware downloads that can pose a threat to companies, including health care IT systems, financial institutions and large-scale organizations.

Recognizing and preventing COVID-19 related attacks

Recognizing a phishing email can be tricky, particularly as scammers have become adept at making their emails look legitimate, often impersonating a government entity such as the Centers for Disease Control or the World Health Organization. They may even create an email address that appears to legitimately come from the agency they claim to represent. It often takes a trained eye to spot the difference—so don't be afraid to contact your IT professionals or trusted network security partner when you receive a suspicious email.

Of course, scams don't end with the in box. In fact the CDC has also reported an increase in COVID-19 scam calls and robocalls which appear to originate from the CDC on your caller ID. These callers are sometimes requesting donations, or hoping to gather your personal information. These types of calls are known as "government impersonation fraud," and can be very sophisticated.

Here are some general tips to help protect yourself and your business from these latest COVID-19 related attacks.

• Never open unsolicited emails from senders you don't know.
• Don't click links in emails. Instead, type the address into your browser window or search for a site online to find the correct website.
• Hover over email recipients to view the origin of the email, and hover over links to verify where they lead.
• Never give out personal information over the phone or via email, including banking information, to a person whom you do not know or did not reach out to yourself.
• If a call seems suspicious, simply hang up. This typically does not mean your telephone has been hacked.
• Be suspicious of anyone who is attempting to sell you COVID-19 treatments, supplements or miracle cures.
• There is currently no vaccine for prevention of COVID-19, and there is no waiting list to receive the vaccine. Anyone who makes these promises to you is likely trying to steal your data.
• The government will not ever ask you to pay money or share personal information over email or telephone to receive a stimulus check or unemployment insurance payments.

Protecting your business from phishing scams: an ongoing effort

Protecting your business and your personal data from scammers is an ongoing effort. Of utmost importance is training staff to recognize possible phishing emails and scams by phone, so they can avoid the problem. Whether it's time to shore up protection of your network, or refresh your employee training so they can recognize phishing scams and other cyberattacks, the experts at Locknet® Managed IT are here to help. Contact us to learn more about today's COVID-19 related risks, and how we can help keep Your Business. Safe.