The effects of the Coronavirus have been felt across the globe. The outbreak has caused widespread fear and uncertainty, making it a very emotional topic for most people. This has created the perfect environment for opportunistic hackers.
Phishing Attempts Referencing Coronavirus
According to Barracuda Network’s research, the number of phishing attacks that reference the coronavirus has increased by 667% since March 1st.
While COVID-19-related attacks only represent about 2% of all phishing attacks in that time period, this sharp spike tells us that this threat will only continue to grow.
How Hackers Are Targeting Users
Hackers looking to spread malware, steal credentials, and scam people out of money are using COVID-19 as a cover for their attacks.
The phishing schemes used are all relatively common. However, by referencing the coronavirus, hackers are able to capitalize on users that are distracted by the fear and uncertainty caused by the pandemic. It’s a strategy that plays on the emotions of potential victims.
Common scams include offering to sell coronavirus cures, asking for investments in fake companies that are pursuing a vaccine, or asking for donations to fake charities.
Other emails contained links to malware disguised as an overdue invoice that the sender claimed was delayed due to the coronavirus.
How to Protect Your Organization
In reality, these coronavirus-related phishing emails are simply a new twist on an old strategy. We still recommend the same precautions for your staff and your organization:
- Be suspicious and verify the sender of any emails asking you to click a link or open an attachment.
- Flag emails from sources that do not normally send you emails. If you haven’t signed up for a business or organization’s distribution list, there’s probably no reason they would be emailing you now.
- Don’t respond to email requests for donations. Instead, proactively seek out credible organizations helping with coronavirus efforts and donate to them directly.
We strongly recommend reaching out to your staff to make them aware of this new tactic for email phishing attacks.
Hackers are relying on the emotional charge of the coronavirus to reach victims that wouldn’t normally fall for phishing schemes. By raising awareness, you can help prevent members of your organization from falling victim to a cyber attack.
M-SAT (Managed Security Awareness Training)
Employees will be enrolled in Warwick’s Managed Security Awareness Training (M-SAT) program. Warwick’s M-SAT provides continuous, tailored, and relevant education campaigns that will result in a well-trained, cyber-aware workforce. Training is completed online. Employees are sent test-phishing emails, then provided with videos and quizzes for training and knowledge retention. On a quarterly basis, we will review reports to assess performance and improvement.
Your employees are your most valuable asset, however, they can also be the weakest link against a cyber-attack. A well-trained employee can greatly reduce these attacks, especially as the remote workforce continues to grow.
Contact Warwick to find out more information.