Now, more than ever, cyber-criminals are taking advantage of the world moving to remote communications and Phishing and Ransomware attempts are becoming more prevalent. Any time a topic of global interest comes up, web-based scams taking advantage of them are soon to follow. The Coronavirus outbreak is no exception. As we try to learn more about this devastating illness, online searches and our own desires to help others make us vulnerable to cyber threats.
Scams Related to Coronavirus
Typically, online scammers use tactics like the following to leverage high-profile events so they can either solicit money fraudulently, or install malware on computers:
Advertising/posting links on social media, directing users to fake charities, or other fraudulent web sites portraying relief efforts, or selling products. Many new web domains using “Coronavirus” and related terms such as “help,” “relief,” and “victims” have already been spotted by the Center for Internet Security.
Sending phishing emails, again with links to fraudulent sites, or with attachments that will install malware when opened.
Protect Against Phishing
Phishing and ransomware are evolving with Artificial Intelligence and we should expect more sophisticated attacks in 2018. AI-driven phishing attempts are now a greater risk as sophisticated Malware will now mimic writing styles, review, and infiltrate calendars.
Phishing is a form of online identity theft in which fraudsters trick Internet users into malicious transactions or submitting personal information to illegitimate web sites. Phishing scams are usually presented in the form of emails, spam, or pop-ups and are often difficult to detect.
Because phishing is one of the most devious forms of identity theft, it is important for you to become familiar with various types of phishing scams as well as to learn how to guard against them. You should always be careful about giving out personal information over the Internet. Luckily, companies like ours have begun to employ tactics to fight against phishers, but we cannot fully protect you on our own.
Remember that you may be targeted almost anywhere online, so always keep an eye out for those “phishy” schemes and never feel pressure to give up personal information online.
Steps to Keep Safe
To help you protect yourself from phishing, please observe the following:
Guard against spam emails. Be especially cautious of emails that:
Do not come from the sender’s known organization domain name (e.g. @zivra.com).
Come from unrecognized senders.
Ask you to confirm personal or financial information over the Internet and/or make urgent requests for transactions.
Try to upset you into acting quickly by threatening you with frightening information.
It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender.
You should always be careful when responding to unknown email addresses. Don’t free up information.
Do not click on links, download files or open attachments in emails from unknown senders.
If you hover over the link without clicking on it, and it shows a vague link, do not click on it.
Never email personal or financial information, even if you are close with the recipient. You never know who may gain access to your email account, or to the person’s account to whom you are emailing.
Communicate personal information only via phone or secure web sites. In fact, when conducting online transactions, look for a sign that the site is secure such as a lock icon on the browser’s status bar or a “https:” URL whereby the “s” stands for “secure” rather than a “http:”.
Beware of links in emails that ask for personal information, even if the email appears to come from an enterprise you do business with. Phishing web sites often copy the entire look of a legitimate web site, making it appear authentic. To be safe, call the legitimate enterprise first to see if they really sent that email to you. After all, businesses should not request personal information to be sent via email.
Beware of pop-ups and follow these tips:
Never enter personal information in a pop-up screen.
Do not click on links in a pop-up screen.
Do not copy web addresses into your browser from pop-ups.
Legitimate enterprises never ask you to submit personal information in pop-up screens, so don’t do it.