The constant barrage of coverage regarding COVID-19 continues to fuel anxiety, concern, and even confusion in our personal and professional lives, but bad actors see opportunity in the turmoil. In response to public fears, hackers and scammers developed new phishing scams and strategies targeting your email inbox using seemingly legitimate or official correspondence.
To curb these phishing attempts, governmental agencies such as the Federal Trade Commission (FTC) and the Federal Communication Commission (FCC) have published lists outlining various known scams and suggesting actions businesses and consumers can take to protect themselves.
Businesses may find endpoints under attack from phishing scammers as employees are bombarded with suspicious emails. As more staff work from home or remotely, it is critical to provide proper education to increase cybersecurity and minimize cyberthreats such as phishing emails. Simple safeguards such as awareness and education go a long way toward protecting you—and your data—from harm.
Minimize the Impact of Phishing Scams Through Good Cybersecurity Practices
A crucial part of any good cybersecurity policy is education. Educating your staff on how scammers make inroads to critical data through scams such as phishing emails is critical to avoiding an incident. Typically, hackers craft emails designed to look like they are from legitimate organizations offering tips, tricks, or information related to COVID-19.
Many of the emails will ask the recipient to open an attachment or click a link to verify the latest statistics—an action which could trigger a download of malware or run other malicious software on your device.
After it is downloaded, malware may give the hacker the ability to take control of your device, access information or data, and even collect passwords, contacts (which will be used to spread the threat) and authentication credentials.
These emails run the gamut from U.S. Center for Disease Control (CDC) alerts to interoffice memos. The U.S. Health and Human Services website has a list of coronavirus-related email scam examples.
One asks the recipient to click on a link to see cases in their area. Another is from a purported medical source providing safety measures to protect against COVID-19, with a link to a suspicious PDF. A third looks like an interoffice memo advising that the office is releasing a new “Communicable Disease Management Policy” that the recipient must download and review.
Recognizing Phishing Scams
Education is key for good cybersecurity. Cybersecurity firm Norton outlines a number of best practices for employees on proper cyber hygiene. We’ll outline a few highlights here:
- Do not respond to online requests for personal information
- Always inspect email headers (specifically the sender’s email address) and examine all links by hovering your mouse over the URL WITHOUT clicking the link
- Look for grammatical or spelling mistakes
- Beware of generic greetings such as “Dear Sir” or “Dear Madam”
- In general, do not click on a link or provide information in an email, especially if you’re not expecting the request
- Be wary of any message that insists you “act now”
Prioritizing continuous education and maintaining a comprehensive cybersecurity policy is a game-changer. Make cybersecurity education and policy review a part of onboarding and repeated trainings.
Consider Managed IT to Prevent Phishing Scams
Another significant piece of the cybersecurity puzzle is ensuring all equipment is up to date with the latest security patches and upgrades.
An experienced and reliable managed IT provider proactively manages and secures your infrastructure and data with real-time monitoring, patch management, and a protection plan designed specifically to safeguard your company’s sensitive data.
If the unthinkable happens and you are hit with a data breach, a comprehensive managed IT solution will have implemented an effective data recovery plan to restore your system to working order as soon as possible.
CDS Provides Security to Your Workplace Through Managed IT
At CDS, we understand the emerging threats posed by today’s cybercriminals. In a continually evolving threat environment, our experts arm themselves with cutting-edge knowledge and state-of-the-art technologies to protect you—and your data—from exploitation by hackers.
Our Managed IT team begins with a complete inventory and network assessment to catalog your current infrastructure. We follow this with an in-depth look at your business needs and goals to custom tailor an IT solution that perfectly suits your objectives.
Finally, we put the latest cybersecurity protocols into place and develop a hard-hitting disaster recovery plan to prevent hackers from accessing your sensitive data. In the case of data loss or theft, however, we ensure your system can come right back online with redundant data backups that keep your information safe.
Managed IT services provide constant, automatic monitoring of your systems for around-the-clock threat detection and prevention.
Don’t let your employees—or your business—fall prey to a COVID-related phishing scam. Contact a CDS representative now and find out how Managed IT can provide cybersecurity—and peace of mind.