Aside from physical harm, COVID-19 is also causing uncertainty and fear which is a prime opportunity for malicious hackers and scammers to prey on those working from home. Hackers use situations like these to pose phishing attacks to steal people’s information and money. Because of the COVID-19 pandemic, many businesses have moved their employees to a remote setting. According to NBC, “more than one-third of senior technology executives surveyed by CNBC say that cybersecurity risks have increased as a majority of their employees working from home” (Rosenbaum, 2020). Keches Law Group would like to offer up some tips on how to avoid scammers amidst this unprecedented time.
Tips for Online Browsing:
- Do not click on links from sources you do not recognize. Doing so could potentially download a virus onto your device.
- If you are looking to donate to an organization, make sure you are reading up on the different charities or funding sites before providing your information.
- Disregard any online offers for vaccinations as there are currently no vaccines or pills available online or in stores to cure COVID-19 (as of March 19, 2020).
- If you are online shopping for items that are in high demand (like facemasks), be sure to verify the store. Do not buy from any website that seems to have these items in stock for a fair price.
Tips for Working Remotely:
- Use strong/unique passwords on all devices and apps
- Follow your employer’s security practices and let your IT team know before installing any software you may need
- Hover your cursor over senders’ addresses to verify they are legit.
- Keep an eye out for misspellings and grammar that seems off
- Watch out for ‘click link’ or ‘see attachment’ with urgent tones
- Never offer up your credentials
- Be aware of emails or phone calls requesting account information
Here is an example of a real phishing email that used a familiar name (in this case, the recipient’s manager) along with an urgent request. In this instance, the scammer knew the actual names and is trying to use urgency to get them to give up their cell phone number. Even though the scammer knew their real names, they used an unknown email address which the recipient checked and validated that it was not a real email.
Subject: I need your attention as soon as possible
Would it be possible for you to complete a task for me? I’m in a meeting. Please give me your personal cell phone number.
Sent from my iPhone
In a nutshell, if you are unsure about something, reach out to your supervisor, a coworker, or your IT team for help by phone.
To conclude, most scammers use phishing emails leading you to click harmful links or downloads. They will try to get you to offer up your personal information. There have already been a few instances where these cybercriminals are trying to impersonate health organizations such as the Centers for Disease Control (CDC) as well as the World Health Organization (WHO).
Keches Law Group would like to remind individuals to be vigilant and be extremely cautious when surfing the web or working from home.