How are cybercriminals exploiting COVID-19? 5 mins

Covid-19 has been levied as a curse upon us and no part of the world has escaped its raft. Many businesses have gone bankrupt and even countries with strong economies are suffering due to it. Setting up a business takes a lot of hard work and dedication is required towards it. Especially steering your business through these tough and challenging times.

 The world is a cruel place is what we have heard all our lives and with coronavirus in the context, sadly cybercriminals have emerged and made an opportunity for themselves out of all of this. These criminals that with the use of technology have found loopholes and ways to exploit the weak furthermore in this pandemic. According to data published, cybercriminals have tripled their phishing scams since the beginning of the year 2020.

Let’s understand what phishing is:

Phishing is a basic term that refers to malicious ticks used by these cybercriminals to get access to your personal information that is used to rob you. This can be done in many ways, for instance by deceiving you to install malware or making you download apps that transfer your sensitive information into their servers. Unfortunately, even people who are educated and aware of these criminals are falling into their tricks.

Different tricks being used to exploit you are:

Since Covid-19 is in place, the government and health departments are constantly reminding the general to protect themselves from getting exposed to the virus. They’re doing this through various channels by making the public aware through text messages, advertisements, phishing emails, billboards, etc. So what cybercriminals are doing is that they are sending out fake COVID-19 messages, emails, and making calls disguising themselves to be health departments, officials, members of government, and concerned people. In these messages, they send out links, or directions to install apps that can help them or provide instructions but in reality, they are using dirty tricks to install the malware on your devices. Then your devices get connected to their servers and hence this way they steal away your personal data.

Moreover, bogus calls are also made by these criminals pretending to be officials of the federal government and directing you to provide your personal details to them. They ask for information such as your Social Security numbers, bank account details, passwords, or other vital information in order to receive an economic stimulus check. Other scams may involve them to be pretending to be members of charity organizations and asking for donations. People have big hearts and they instantly make donations without asking for extra details. In return little, they know that they are just robbed. The criminals may ask you to donate for charitable contributions, financial relief, airline refunds, fake cures or vaccines, and fake COVID-19 testing kits. Furthermore, other cunning tricks used by these hackers are that they manipulate you into getting your personal information and through this they contact your close ones pretending and faking to create a situation asking for funds from them. They may enact like you have been in an accident or any similar tough situation and acquire immediate support. In this way, many criminals are successful in making fools out of people and stealing their hard-earned cash from them. Steps that can be undertaken to protect yourself and your employees from phishing attacks by these cyber criminals:

The first most that can be done is to educate yourself and your employees. Yes, this is the best way that you can use to outsmart these criminals and prevent yourself from being their scapegoats. There are many online courses and articles available free of cost regarding how to keep yourself safe from these attacks. Educating yourself can help you recognize the phishing attacks and can help you make these cybercriminals' attempts useless. Once you have gotten enough knowledge regarding phishing attempts, you can spread it around to keep your close ones safe from these vicious money stealing monsters.

Secondly, the majority of these phishing attacks originate from countries with weak laws and cyber controls. Therefore, when answering calls to unknown calls or emails, you should be on the lookout for oddball phrasing and typos. This can help you in detecting if there is anything fishy going on.

Like said earlier, COVID-19 has disrupted the lives of the majority. Everything has changed and the concept of work from home has originated. Many companies have allowed their employees to work from home to keep themselves and their close ones safe. This concept has been adopted by many businesses and the employees use personal devices to get their office work down. Now, what cybercriminals here do is that they target those employees who don’t have up-to-date security suites which leads them to become compromised, they may transfer the malware to your company’s system when they interact with it. In this situation, you should guide your employees on how to keep their devices up to date and have strong protection anti-viruses installed in their devices which protects any malicious software’s infecting them. Furthermore, the company must have a remote access process in action that regulates the storing of proprietary firm information on your employees’ devices and avoids malware from transferring to your corporation systems.

The basic training that you can give your employees on how to make their home devices secure is by:

  • Encrypting computer drives
  • Necessitating strong PINs for wireless networks
  • Installing and updating strong antivirus software
  • Using mobile device management software
  • Avoiding public Wi-Fi networks
  • Ensuring that VPNs and other remote working tools have been configured for security instead of using default system admin logins

If you happen to be involved in a business that requires credit card information over the phone or through email. Then your business and customers are highly at risk as these transactions account for a large fraction of credit card fraud. Ways you can prevent these frauds are that you need to ensure you’re following Payment Card Industry Data Security Standard (PCI DSS) protocols as you would in your retail space.

Following PCI DSS standards will greatly reduce or remove the likelihood of having to pay fines or penalties in the event of a cardholder data breach.

The best option to keep you and your business safe in COVID-19 from these cybercriminals is to get cyber insurance. This insurance can help you in minimizing loss if you become a victim of these criminals. Also, some insurance companies provide small businesses with risk management services that provide free or discounted risk assessments, employee training, and protective hardware or software.

Next Blog