As the world acclimates to our “new normal,” cyber criminals persist in exploiting COVID-19. The sudden growth in remote work, virtual education and healthcare, along with the surge in online shopping and society’s hunger for pandemic-related information have created a lucrative environment. It is important be on-guard, with increased vigilance around your personal and professional cyber defense.
What we’re seeing:
- A significant number of coronavirus-based domain names have been registered, and many will be used to steal information or spread malware.
- Cyber security research firm Sophos Labs reported over 42,000 websites with domain names containing “COVID” or “corona” had been newly-registered.
- In addition, at the end of March researchers at Barracuda Networks had seen a 667% increase in pandemic-related phishing attacks.
The tactics used by cyber criminals will evolve to take advantage of emerging developments including contact tracing, which is expected to ramp up. Be cautious of any notifications regarding interactions with someone who has tested positive or shown symptoms. Furthermore, be suspicious of COVID-19 testing requirements purportedly from the government or a healthcare organization. Scammers often convey a false sense of urgency to scare people into providing health insurance, personal and/or financial information.
Security Best Practices to Avoid Threats
- Approach all email with heightened attentiveness and focused attention.
- Beware that sometimes email addresses are slightly modified to look legitimate. Carefully check the “From” email address and domain. If you have the slightest doubt, do not click on any links or attachments and delete the email immediately.
- Be aware that typosquatters take advantage of common misspellings or slightly modify website addresses to re-direct people to malicious websites:
- Do not click on any links.
- Check the website spelling.
- Hover over a link to determine if it’s legitimate.
- Open a browser and type the website address.
- Only load apps from the Google Play Store and Apple App Store.