In times of uncertainty, like those that we are currently in, we have the pleasure of seeing the very best in people. We have seen time, and again people stepping up and using their resources to help. We have witnessed automobile and vacuum manufacturers switch gears to make ventilators. Distilleries are helping by producing hand sanitizer. Most of us are doing whatever we can to help out our current state of uncertainty. Unfortunately, some take these times of uncertainty and benefit from them by preying on vulnerabilities. So, to add to our present risks of health and economy, we also have an increasing Cybersecurity Threat.
Over the past few weeks, as the news of COVID-19 soars, the attempted cybersecurity attacks are doing the very same. These attempts range from malicious domains (fake websites), email spam, malware, BEC, and even ransomware. As if you don’t have enough to worry about, now is the time that all emails and websites must be verified.
The phishing attempts we are seeing are tricky. They have included:
- Requests to change payment methods due to COVID-19.
- Shipping information regarding orders. These may ask you to approve a new shipping date.
- Information regarding interactive/tracking maps showing COVID-19 infections and deaths
- Information about a vaccine (it doesn’t exist yet) or specific precautions
- Investment deals due to COVID-19
A few of the malicious domains we have seen include:
- “Government” websites: These site lure in users with the promise of financial relief. They typically ask for personal information, including bank account information. Then, guess what… the cyber-criminals now have your name, address, and your banking credentials.
- COVID-19 websites: These sites ask you to download an application. The promise is typically a “cure,” an outbreak map, or precautions to take. Unfortunately, with a download, you now have malware on your computer.
- Websites offering software: These sites provide software for working at home like VPNs. Once you download the “VPN,” the malware is now installed on your computer.
- Entertainment sites. Cybercriminals are aware that most of us are homebound. Now there has been a great deal of fake streaming sites or those offering games or promotional entertainment that again have malware embedded in the download.
The threats are real and can thoroughly disturb your business. More importantly, these threats can cause significant financial hardship. Before you click on anything, verify the website and the credentials. If there is any question whatsoever, always verify. Even if it looks like a legitimate email or website if you sense even the slightest uncertainty, make sure you verify the source. Reach out to our Pendello Team for assistance with any uncertainty in websites and emails; let us investigate before it is too late.