Is Your Remote Workforce Prepared For COVID-19 Phishing Scams?
The surge in COVID-19 phishing schemes adds insult to injury. Remote workers are advised to know the facts and avoid falling victim to phony email messaging.
The global COVID-19 pandemic caused massive economic disruption, forcing some sectors to close and others to pivot to remote workforce solutions. While the health crisis galvanized community support, nefarious hackers have launched an electronic blitz of phishing attacks.
According to resources such as Forbes magazine, cybersecurity research indicates that cybercriminals unleashed a surge of COVID-19 schemes. They targeted everyday people with a 22-percent increase in digital fraud attempts.
“It is clear that social distancing has changed consumer shopping behaviors globally and will continue to do so for the foreseeable future,” TransUnion Senior Vice President of Business Planning and Development Greg Pierson reportedly stated. “No doubt fraudsters will continue to follow the trends of good consumers and adjust their schemes accordingly.”
TransUnion’s “Global E-commerce in 2020” report had already pointed to stunning increases in cybercrime across the board from 2018-2019. The more heavily impacted areas include the following.
- A reported 347 percent increase in account takeover
- A reported 391 percent rise in shipping fraud attempts targeting online retail consumers
- A reported 118 percent increase in risky transactions from mobile devices
The wave of COVID-19 phishing attacks shows that digital thieves have a relentless profiteering determination to breach personal devices and business networks. The health crisis has in no way, shape, or form slowed such criminal activity. In fact, it appears digital bandits view the pandemic as a rare opportunity to profit from human suffering. Phishing schemes appear to be hackers’ weapon of choice.
COVID-19 Phishing Scam Impact
Atlas VPN data analytics point to a substantial uptick in coronavirus-related phishing schemes that began with widespread reporting about the outbreak. According to Atlas VPN, Google reportedly registered nearly 150,000 phishing websites in January. That figure nearly doubled in February, and March topped out at 522,000 scam sites.
“I believe that hackers identified coronavirus as something users are desperate to find information on,” Atlas VPN COO Rachel Welch reportedly stated. “Panic leads to irrational thinking and people forget the basics of cybersecurity. Users then download malicious files or try to purchase in-demand items from unsafe websites, in result becoming victims of scams.”
Coronavirus-related scam sites saw a 300,000 spike over two weeks in March. All told, phishing attacks during the global health crisis surged by upwards of 350 percent.
How To Avoid Becoming COVID-19 Phishing Victim
Hackers are acutely aware that an increased number of people are working from home. This reality, and the fact that people are champing at the bit for information, presents a unique criminal opportunity. Hackers have ramped up efforts to identify cybersecurity gaps and trip up people who are connecting with business networks remotely.
By casting a wide email net laced with ransomware and other malicious applications, they are targeting valuable and sensitive data. Phishing schemes can only work if someone downloads a file, clicks on a link, or provides personal information. These are tips to help avoid becoming ensnared by a COVID-19 phishing scam.
- Health-Related Emails: Any offer about immunity boosters, HVAC cleansing deals, cures, vaccinations, testing kits, or other health-oriented COVID-19 electronic messages should be promptly deleted.
- Agency Emails: Unless you actively signed up for governmental or health organization newsletters, consider it highly unlikely that you will receive direct communication. Delete such emails and visit the official CDC or well-known government websites for information.
- Work-Related Emails: Scam artists routinely collect bulk emails to make their contact appear legitimate. Anytime you receive a message that calls for you to click on a link or otherwise act, verify its authenticity with a text message or phone call to the sender first.
There are also telltale signs that may help identify a phishing email. Many originate in other countries and lack proper American grammar and spelling. Look for generic greetings and be careful of online requests for information or financial help.
Those who are working from home during the pandemic would be well-served to enlist a managed IT services professional to enhance cybersecurity measures and discuss continuity and recovery strategies just in case you get hacked.