Combating COVID-19 Cybercrime
The Latest Scams Take Advantage of Fears over COVID-19
February 16, 2021
There is no question that 2020 brought unexpected challenges both personally and professionally. Quickly shifting corporate policies, a push to remote work, political unrest, and a dependence on digital news have created a perfect storm for data security. Bad actors have quickly learned to exploit the vulnerabilities created by sudden changes in the working environment. A shift to remote work has meant that many people are now working on personal computers or unsecured workstations. This has caused a massive surge in cyber attacks of every kind. When clocking in remotely employees are often working outside of the more secure in-office network. Pair this with the fact that they may be adopting more relaxed security measures at home and the risk for a cyber attack rises even more.
COVID-related phishing scams are a prime opportunity for bad actors to steal your data. If you receive an email related to COVID policies and procedures, quarantine, vaccines, or anything related to the virus, take a moment to think before you click. Research has indicated that people are three times as likely to fall for phishing scams that are related to COVID-19. It just takes one click to open the door to hackers.
The Danger of Digital Meetings & Notifications
Remote work meetings have created the perfect opportunity for hackers. Automated meeting invites have likely been flooding your inbox and it’s easy to click without thinking. Bad actors have been stealing Zoom accounts and fabricating automated meeting requests to trick you into clicking on a malicious link. Since most legitimate meeting emails include a download to add the event to your calendar it’s easy to miss these dangerous scams.
One particularly vicious attack has come in form of fake termination notices. With job security at an all-time low, hackers have exploited this fear by sending notices of termination that include urgent calls to action. The threat of losing health insurance is often deployed to trick people into calling a fake HR representative or sending frightened employees to a dummy portal designed to capture their login, PHI, or banking data.
Pandemic Panic
Thousands of new COVID-19 related domains are created every day. With so much new content it can be hard to distinguish legitimate resources from scams. Hackers often create web pages that imitate legitimate organizations. This is nothing new and is a common strategy for stealing bank information. However, the pandemic has led to a rise in scammers imitating health services and hospitals. Whether it’s on the phone, in your email, or on a website be skeptical when asked for your information from an unexpected source. People scrambling to get the vaccine or find access to health services are particularly susceptible to these “too good to be true” opportunities.
Unfortunately, it’s not just patients that are being targeted, hospitals have seen a huge surge in ransomware attacks that put hospital data and services at risk. Hackers have been able to seize hospital networks or patient data and hold it for ransom causing dangerous backups to life-saving services. Overburdened hospital systems are prime targets because their services can mean life or death for patients, consequentially they are more likely to pay the ransom.
Mobile Threats Target Everyone
Mobile phones are often overlooked in spite of the fact that they may be one of the biggest security threats in the technology landscape. People tend to assume that apps are carefully vetted by Apple or Android, but with such a huge volume of new apps being launched every day, it’s not too difficult to slip in something malicious. Fake contact tracing apps are one of the newest strategies to steal personal information. Apps have the ability to run in the background (be honest, how often do you actually close apps on your phone) and gather data for days, weeks, or even years. These pieces of software tend to be something people download and then forget about, making them great vehicles for cyber attacks. Even legitimate mobile applications created by medical institutions are risky. According to a report by Intertrust 85% of Coronavirus tracking apps leak data. Download these apps with caution, even when choosing ones that have a legitimate source, and ensure you have adjusted your settings correctly to minimize the risk of losing data.
About DOMA- Powered by Tech, Driven by People
DOMA Technologies (DOMA) is a software development and digital transformation company whose mission is to change customer lives by lightening their workload through faster and more targeted access to their data. Since 2000, our team of 200+ experts has helped businesses navigate all aspects of the digital world. We are a dedicated strategic partner for the federal government and private sector clients at every stage of their unique digital transformation journey.
Author:
Danielle Wethington
Director of Communications
Compliance
Learn more about Compliance with DOMA