Sunday, July 12, 2020
Home Cybersecurity News How to spot Covid-19 phishing attacks (before it’s too late)

How to spot Covid-19 phishing attacks (before it’s too late)

While most of the world is trying to deal with the COVID-19 pandemic, it seems hackers are not on lockdown. Cybercriminals are trying to leverage the emergency by sending out “phishing” attacks that lure internet users to click on malicious links or files. This can allow hackers to steal sensitive data or even take control of a user’s device and use it to direct further attacks.

The last thing you want at a time like this is to become a victim of a cyber attack and maybe even lose your computer. But there some straightforward guidelines that should help you protect yourself.

Many people are searching online for information about COVID-19. But the pandemic has created what the World Health Organization (WHO) calls an “infodemic, in which people are bombarded with an overabundance of both accurate and inaccurate information that is circulating on the internet, making it hard to know what to trust.

Hackers have started to capitalise on this situation by sending out emails that purport to offer health advice from reputable organisations such as governments and the WHO but that are really phishing attacks.

It’s hard to know how many attacks are being carried out or how many people are being affected. But new attacks are being reported nearly every day, and some cybersecurity companies are reporting large increases in enquiries since many people started working from home.

One of the first such attacks was reported in Mongolia and was aimed at public sector employees. It involved an email and word document (RTF file) about the prevalence of new coronavirus infections, pretending to be from the country’s Ministry of Foreign Affairs. The email and document look authentic and provide relevant information. But opening the file installs a malicious piece of code on the victim’s computer that runs every time they open their word processing application (for example Microsoft Word).

The malicious code allowed another computer, known as the command and control centre, to remotely access and control the victim’s device, uploading more instructions and malicious software. The hackers can then spy on the affected machine, using it to steal data or direct further attacks.

The pandemic is also worsening the situation because more and more people are staying at home and using the internet to work and socialise. This means they may be using their personal computers more and working outside the normal security protections provided by their employers’ internal computer systems. They are also working in stressful conditions that could leave them more likely to forget routine security procedures and fall victim to a phishing attack.

If your computer were to become infected, hackers might be able to steal not only your personal information but also data about your work. And if your device were to crash as a result, you would no longer be able to use it for browsing or remote working. And it might be much harder to get it repaired due to the movement restrictions imposed due to the pandemic.

Luckily, there are some simple things you can do to spot and deal with phishing attacks. Most simply, you can check for obvious signs of fake or unofficial emails such as poor spelling, grammar and punctuation, as most of these emails are generated from outside the country they are sent to. But also be wary if the email tries to create a sense of urgency, that you must click its link now. And if the content seems too good to be true then it probably is.

You should also bear in mind that cybercriminals use every opportunity available to exploit weaknesses in cybersecurity. And a frantic search for health advice is such an opportunity. So you should always make sure that you look for information about COVID-19 on trusted sources such as WHO.int or theconversation.com.

  • Chaminda Hewage is Reader in Data Security, Cardiff Metropolitan University, UK. This article originally appeared on TheConversation.
Advertisement
 

Chaminda Hewage
Chaminda Hewage
Chaminda Hewage is Reader in Data Security, Cardiff Metropolitan University, UK.

Stay Connected

Join Our Newsletter

Must Read

Fraud delivers price war as counterfeiters think inside the box

There’s an elephant in the room – and it’s in an authentic-looking box. We need to talk about the rise of the re-boxer –...

Drones and aerial vehicles could change how we think of cities

Drones, personal flying vehicles and air taxis may be part of our everyday life in the very near future. Drones and air taxis will...

What has the world really learned in the global pandemic crisis?

Collaboration, leadership, and innovation are key. 2020’s global pandemic created a quick and massive shift for companies around the world, where businesses made necessary changes like working remotely and an increased emphasis on mental health and work-life balance

CIOs are essential for IT strategies in the new normal

If anyone still doubted the strategic importance of today’s CIO, the COVID-19 pandemic has put those questions to rest. This was clear in a CIO...

Related News

Fraud delivers price war as counterfeiters think inside the box

There’s an elephant in the room – and it’s in an authentic-looking box. We need to talk about the rise of the re-boxer –...

Drones and aerial vehicles could change how we think of cities

Drones, personal flying vehicles and air taxis may be part of our everyday life in the very near future. Drones and air taxis will...

What has the world really learned in the global pandemic crisis?

Collaboration, leadership, and innovation are key. 2020’s global pandemic created a quick and massive shift for companies around the world, where businesses made necessary changes like working remotely and an increased emphasis on mental health and work-life balance

CIOs are essential for IT strategies in the new normal

If anyone still doubted the strategic importance of today’s CIO, the COVID-19 pandemic has put those questions to rest. This was clear in a CIO...

How supercomputers crunched the numbers for pandemic response

As 2020 began, Australia was stunned by the worst bushfires on record. Six months later we are weathering the coronavirus pandemic sweeping the globe. This...

This site uses Akismet to reduce spam. Learn how your comment data is processed.