According to recent findings by Proofpoint, cybercriminals are seizing on coronavirus fears by using online scams to extract internet users’ personal and financial information. These scams – sent through email, texts or social media – claim to provide coronavirus awareness, sell virus prevention products and/or may ask for donations to a charity. They can often appear to be from a legitimate organization or individual, including a business partner or friend.
“Year round, the National Cyber Security Alliance encourages everyone to be safe and secure online,” said Kelvin Coleman, NCSA’s executive director. “However, during times of national hardship, such as the coronavirus outbreak, bad actors increase their fraudulent activities. As such, we urge everyone to be extra vigilant against online scams, including phishing and malware, that are more prevalent in times like these.”
NCSA offers these tips to avoid being a victim of these scams:
- Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
- Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Check out the Anti-Phishing Working Group (APWG) to learn about known phishing attacks and/or report phishing.
- Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.
Additionally, as more employees are working from home due to the coronavirus outbreak, NCSA urges companies to establish security policies and guidelines for remote workers and train them on these policies and the company’s expectations. Companies should also have a clear process for reporting any IT issues for remote workers so they know who to turn to for support.
NCSA recommends the following tips for employees working remotely on how they can stay safe online when using company devices:
- Connect to a secure network and use a company-issued Virtual Private Network to access any work accounts. Home routers should be updated to the most current software and secured with a lengthy, unique passphrase. Employees should not be connecting to public WiFi to access work accounts unless using a VPN.
- Separate your network so your company devices are on their own WiFi network, and your personal devices are on their own.
- Keep devices with you at all times or stored in a secure location when not in use. Set auto log-out if you walk away from your computer and forget to log out.
- Limit access to the device you use for work. Only the approved user should use the device (family and friends should not use a work-issued device)
Regardless of where you are, NCSA urges all internet users to stay safer and more secure online by updating software on all devices (including antivirus and firewalls) backing up data, enabling multi-factor authentication and having strong, lengthy passphrases for each online account.
For more information and tips on how to stay safe online, visit NCSA at www.staysafeonline.org.
STOP.THINK.CONNECT.™: Broad Government, Industry and Non-Profit Coalition Unveils First-Ever Coordinated Online Safety Message
October 4, 2010