Coronavirus-themed cyberattacks are ramping up amid the crisis
While the escalating Covid-19 outbreak is giving us enough to worry about already, cybercriminals are adding more to the mix. Hackers are exploiting the chaos and fear caused by the crisis to carry out attacks. From coronavirus-themed malware to attacks on health institutions, let’s take a look at what’s going on and how to protect your business.
Attacks on organizations
Earlier this month, the World Health Organization issued a warning about online threats. Criminals have been disguising themselves as WHO representatives to carry out phishing attacks. However, the organization itself came under attack recently as hackers attempted to steal passwords of WHO employees a few weeks ago.
They’re not the only ones experiencing a surge of targeted cyberattacks. The U.S. Health and Human Services suffered from a targeted DDoS attack a few weeks back.
This is bound to get worse. More and more companies are shifting to remote work during the pandemic, but not all are well prepared to secure their teams working from home. And hackers are targeting the most vulnerable parts in company security — employees.
Phishing schemes have jumped a staggering 667% since February. Most of the campaigns have been targeted towards individuals. By getting them to click on a malicious link, criminals can infect their devices or even compromise the whole company network. Here’s what you and your team should look out for in the coming weeks.
Fake coronavirus maps. The maps, tracking the spread of the virus have become an invaluable tool for hackers to spread malware. Criminals are creating doppelgangers of legitimate maps — such as the Johns Hopkins map. They hide malicious software that can steal sensitive information from the user’s browser or their device. The data can include cookies, browser history, passwords, or credit card details.
Dangerous websites. Over 4,000 new coronavirus-related domains have popped up since January. 3% of those are considered malicious, possibly containing malware. While it may not seem like a high number, domains related to the virus are 50% more likely to be malicious than others registered in the same period.
Coronavirus-related apps. Apps disguised as providing the latest Covid-19 information have also been found to be dangerous. They might be containing malware or just trying to get at the sensitive data stored on your device.
Coronavirus-themed phishing emails. These come in all shapes and forms. From WHO impersonators to disinformation campaigns, phishing emails have been flooding people’s inboxes worldwide. Their strategies vary. Some contain malware, while others try to get you to reveal sensitive information. Either way, they can have disastrous consequences.
How to stay protected
Be vigilant. Did you get an email from an unknown source? Is it inciting fear or urging you to do something? It’s likely a phishing scam. Telltale signs like grammar mistakes, poor design, and insistence on getting your personal information mean it’s a phishing scam. While most of them will probably end up in your spam folder, some may slip through.
So be careful — never click on the links in the email. If you must, copy the link and check it before clicking enter. Is it leading you to the website it’s supposed to? The same goes for downloading attachments. If you have to, try to contact the sender through other means before installing anything on to your computer.
Don’t download unknown software. Be especially careful when downloading new apps onto your devices — especially if these are coronavirus-related. If you must, do your research before installing anything and download apps exclusively from your official app store.
Get a remote access VPN. If your company is shifting to remote work, VPN software is an absolute must. It enables secure remote access for each employee, no matter where they’re based. It encrypts internet traffic on your team’s devices, ensuring that no hackers can intercept it.
Get antimalware. Ensure that each employee has antimalware on their devices. It could help avert disaster if some of your coworkers were to end up with malicious software on their work devices.
Educate your employees. Keep your coworkers informed about fresh digital threats and how to avoid them. Ensure they know and follow the latest cybersecurity procedures at your company and have all the necessary tools on their devices.
NordVPN Teams is your source for advanced digital online security. Our business VPN uses military-grade encryption to ensure your whole company’s on a secure network at all times. Get one-click advanced protection with NordVPN Teams: The Business VPN.