Cybercrime Skyrockets 300% Since COVID-19
FBI reports a staggering increase in cybersecurity complaints coming in each and every day since the coronavirus pandemic started – from phishing attacks to phony domains to intruders on video conferences.
By now, you’ve likely heard about the increase in cybercrime since the coronavirus pandemic started. It’s no surprise… Cybercriminals have always taken advantage of major headlines, especially those that create uncertainty and fear around the world. Plus, we’re all working from home, and remote work is unfortunately known for being less secure than working in the office. Why? Because we don’t tend to have access to the same enterprise-grade security measures, especially when the move to remote work is done quickly as a result of the pandemic:
- Web filtering
- Intrusion detection software
- And much more
Even if you do set your remote workers up with the right enterprise-grade security measures, there’s still some degree of risk because cybercriminals are launching such a massive amount of attacks. At the end of the day, the best way to stay safe is to stay aware. The FBI’s IC3, also known as the Internet Crime Complaint Center, reported a major increase with cybersecurity complaints going up from 1,000 complaints to over 3,000 – 4,000 complaints each day.
They’re not the only ones working hard to thwart attacks. Google stated that they’re blocking 18 million coronavirus-related phishing scams every day. These phishing scams are designed to trick users into divulging personal data. Let’s take a quick look at a few examples of what’s out there in terms of phishing attacks:
- Emails offering coronavirus tests at a discounted rate.
- Emails containing lists or updates on cases in your region.
- Emails urging you to invest in stocks related to the disease.
- Emails containing purchase order information for masks or sanitizer.
- Emails offering information or forms to fill out for financial assistance.
Keep in mind, the majority of these emails will be coming from cybercriminals who are looking to convince you to give them personal information, click on a link that leads to a malicious website or download an attachment riddled with viruses. They will often claim to be from a reputable source, such as:
- The CDC
- The WHO
- Your state or federal government
- Individual US officials, such as Donald Trump
Scott Helme, an Independent Security Researcher, offered some valuable insight on phishing attacks…
“Phishing attacks always share the common trait of inciting or depending on an emotion that causes us to act more hastily or think less about our actions at that moment in time. The coronavirus pandemic is a highly emotional topic right now and cyber-criminals clearly know this. They’re hoping that the typical person might be more inclined to click through links or follow bad instructions if they use this lure.”
There are two major factors contributing to the increase in cybercrime: an influx of remote workers and the uncertainty and fear the majority of the world is feeling.
Due to the influx of remote workers, alongside the uncertainty and fear the majority of the world is feeling, cybercriminals are able to effectively target and convince individuals to do what they want them to do. Whether it’s a phone call stating a family member is in the hospital with coronavirus and needs money for medical bills or it’s an email offering a fantastic deal on masks, cybercriminals are coming up with all sorts of creative ways to wreak havoc.
Here are our recommendations to stay safe, and remember, this is especially important for remote works that don’t have the proper security measures in place:
- Think before you click or download: Take the time to double check the sender, think about whether or not you were expecting this, and if possible, go to the legitimate website for the information or resource instead. If you’re unsure, don’t click or download.
- Watch out for signs of urgency: Cybercriminals will often make you feel like taking action is urgent and required. For instance, they may say a deal is expiring soon, your account will be deleted or legal action will be taken if you don’t respond.
- Never send sensitive information via email: Any legitimate organization will call you directly if they need to update your information or gather sensitive information. If an email asks you for sensitive information, don’t send it.
- Visit well-known, credible websites for information: The CDC and WHO offer up-to-date coronavirus information on their websites. If you need information, check those websites before anything received via email.
- Hover over the sender’s email address: A quick hover over the sender’s email address will tell you everything you need to know. Make sure it’s a legitimate domain with proper spelling and grammar.
Need help implementing security measures to protect remote workers? Get in touch with us via the chatbox.