August 25, 2020
Cybersecurity in the Coronavirus Age: What You Need to Know

Six months into COVID-19 and cyberattacks continue to increase at a rapid pace. Increased online activity equals more opportunities for cybercriminals to exploit holes in your network security strategy, as shown by the sharp spike in cyberattacks during the first half of 2020. The following Covid-19 related cybersecurity traps are widespread, putting businesses without proper cybersecurity safeguards at risk during this pandemic:

• Donation Scams. Today’s society is vulnerable and people naturally want to help those in need during the pandemic. Cybercriminals are capitalizing on this vulnerability through email fraud, specifically emails designed to illicit donations to non-existent healthcare entities and charities. One example is an email asking for donations to support the World Health Organization conquer COVID-19, which isn’t the WHO at all but instead an anonymous recipient with an unknown location who now has your banking information. Never respond to an email or click on a link in the email with personal or financial information; call the organization to which you are donating to confirm and donate directly on the phone or through their secure site.

• Phishing Attacks. We are seeing a sharp rise in malicious email attacks. Phishing attacks – fraudulent emails designed to lure the victim to provide confidential information – have increased over 600% during the pandemic. They are especially targeting health care organizations and non-profits aiding during the coronavirus pandemic. To avoid being a victim of a phishing attack, check the accuracy of the email address and name of sender, notice mistakes in spelling and grammar, beware of generic greetings like “Dear Sir/Ma’am”, hover over the link before clicking to ensure it has a secure URL (https://), don’t click on links or attachments, and be suspicious of emails marked “urgent.” And as noted above, never give out personal or financial information based on an email request.

• Ransomware. Cybercriminals are leveraging ransomware now more than ever given today’s COVID-19 climate. These hackers send emails to your employees, which seemingly contain interesting and relevant COVID-19 information. Your employees then unwittingly click on the email link, which locks your entire IT infrastructure and brings your business to a halt (for example, you may not be able to bill customers, process or pay invoices, or access customer information). In many situations, the only way to “unlock” your system and get back to business is to pay the ransom.

• Vishing. The most recent tactic, which is the subject of a recent alert from the FBI and Cybersecurity and Infrastructure Security Agency, is voice phishing campaigns (“vishing”). Hackers are targeting employees working from home by calling their cell phones and impersonating their company’s IT helpdesk, and then coercing these employees into giving login credentials. Hackers have even created spoofed websites that resemble the company’s VPN login page, luring employees to sign into the spoof websites with their VPN credentials. In some cases, these hackers are able to spoof legitimate IT help desk phone numbers, tricking employees into unwittingly giving out confidential login information and enabling them to access the company’s network.

All companies, including especially those companies with a remote workforce, need to remain vigilant and proactive in their network security strategy. NBM is an established IT services provider that will manage your network proactively, train your employees on cybersecurity, and implement cybersecurity solutions that protect your company’s infrastructure so you can have peace of mind. Call us to learn more at 781-272-2034 x1000 or customerservice@nbminc.com.