The overwhelming amount of news coverage surrounding the novel Coronavirus has created a new danger; phishing attacks looking to exploit public fears about the virus. Why? Because cyber criminals love a crisis.
Cyber criminals are sending emails claiming to be from legitimate organizations with information about the Coronavirus. Clicking on the wrong link could lead to malware attacks involving keylogging, stolen personal information and financial data, and further threats.
Most of the phishing emails we have caught appear to come from a company being sent to employees on the topic of the Coronavirus (COVID-10). The emails may include information of how to protect yourself and others from the virus, as well as plans the company is making in the event that employees must work from home. Some may even quote the Center for Disease Control (CDC) to make their phishing threat seem more credible.
Most recently, we have discovered a malicious website pretending to be a live map for Coronavirus COVID-19 Global Cases by Johns Hopkins University. Anyone searching the internet for a Coronavirus map could unwittingly navigate to this malicious website and phishing emails will try to lure victims to this site. Visiting the impostor website will allow the cyber criminal to infiltrate the victim’s computer with an information stealing program and exfiltrate sensitive data.
Most cyber threats are only successful because of human error. Awareness is crucial. Here are four simple tips to identify and protect against impostor websites:
1. Check connection security indicators. A website that has an “https” tag is usually more secure and more trustworthy than a site using the common “http” designation. HTTP doesn’t necessarily mean the website is fake but it something to be cognizant of.
2. View certificate details by checking the site’s security status in your browser’s address bar. For most browsers, a “safe” website will display a padlock icon to the left of the website’s URL. With the advent of free SSL services and recent changes to browser indicators, it’s becoming easier than ever to disguise phishing sites as legitimate.
3. Pay close attention to the URL. A website’s URL consists of the connection type (“http” or “https”), the domain name (e.g., “hhs”, “google”, “amazon”, etc.), and the extension (“.com”, “.net”, “.gov”, etc.). Even if you’ve verified that the connection is secure, be on the lookout for red flags like dashes and symbols in the names or domain names that imitate business names.
4. Make sure your devices and internet router are up to date on their anti-virus protection and that you’re using secure and known connections. Avoid using Bluetooth in a public place because it is an easy way for hackers to connect to your device. Always use multi-factor authentication on any accounts for which it is available.
In the current circumstances as more companies are encouraging employees to work from home, it is more important than ever to remain vigilant. As the world slowly turns completely digital, the risk of falling victim to a cyber attack is growing even faster. If you have any question about the validity of an internal company email, don’t hesitate to contact the sender. Certainly do so before wiring any money or following changed payment instructions. If you are questioning the validity of a website, it’s always best to err on the side caution and just exit out.