5 Ways to Protect Your Devices Against Malware, Phishing, and Scams During COVID-19 Crisis
Based on an Interpol analysis report from 194 countries, phishing/scam/fraud, malware/ransomware, malicious domains, and fake news have shown as the biggest digital threats across the world during this pandemic time. You can read the report by following this link: COVID-19 Cybercrime Analysis Report
According to Interpol’s COVID-19 Cybercrime Analysis Report, based on the feedback of 194 countries, phishing/scam/fraud, malware/ransomware, malicious domains, and fake news have emerged as the biggest digital threats across the world in the wake of the pandemic.
There are two reasons for the emerge of these cyber threats in 2020:
- Most of the people are working, learning, shopping or running their business from their homes, and their internet connection are unsafe and highly vulnerable to cybercrimes.
- The cybercriminals are using the COVID-19 to scam people and enterprises by sending malicious e-mails. For example, many scammers are offering free medical tests and testing kits, pandemic relief funds, new job opportunities due the economic downturn. Some have launched fake e-commerce websites selling health, and sanitization products.
Let us see a few cyber threats and security breaches that have happened in the 2020.
- In March 2020, the Department of Justice in the United States filed a legal appeal in the federal court to shutdown a website called coronavirusmedicalkit dot com because it claimed to have a vaccine kits and they were selling it online. You can read more by clicking here.
- In April 2020, cybercriminals sent emails to the World Health Organization (WHO) and convinced them to send emails to the public to make donations to a fictitious COVID-19 fund. You can read more by clicking here.
- Cybercriminals sent phishing scam of fake Zoom invites to employees from HR offering jobs and convincing them to enter their usernames and passwords on a fake Zoom website. You can read more here.
- Several UK citizens received emails from a fake government agency telling them to claim a tax refund that will protect them against the COVID-19. You can read more here.
- The PowerShell malware attacks in 2020 have increased in 117% in North America.
- Ryuk has emerged as one of the biggest malware threats to US hospitals and healthcare providers in 2020.
Ways to Safeguard Against COVID-19 Digital Threats
The cyber risk management recommend being preventive and detective measure as listed below:
1 — Educate Your Staff
E-mail phishing scam appears so legitimate sometimes that most of the people are likely to open them, click their attachment or their links without verifying the sender’s email address or the info in the email’s body.
To avoid this, you need to create a cybersecurity awareness among your users to teach them how to identify unauthenticated emails (phishing scam). Ask them to always double-check the sender’s email address and look for grammatical errors or unusual request. Most of the time scammers have grammatical errors. Ask them to contact the IT Support department to double check in case that they have doubts.
2 — Encrypt and Backup Data
You must use full-disk encryption software to encrypt all sensitive data of your company, customers, and employees.
It is also always a good idea to take a system backup of your databases, files, and databases at regular intervals.
The general rule of backup is 3-2-1: create at least three copies, two of which should be on different mediums (devices/cloud), and one copy should be off-site for disaster recovery.
3 — Fortify Cybersecurity Policy for Remote Working
It is crucial to create a strict rulebook for your employees, laying down the protocol for using home computing devices and internet connection. They should use a secure internet connection, avoid the use of office devices for personal use, and store official files/information only on company storage systems.
Also, make sure that your company implements robust firewall rules and multi-layer authentication for VPN, critical business systems, and any other remote network connections. Let your employees know the company-approved applications and collaboration tools they must use.
4 — Use Anti-Virus Solutions
This may sound like basic security protocol, but it is extremely important to install sophisticated and trustworthy anti-virus software on your company servers and devices.
5 — Secure Your Web and Mobile Applications
With COVID-19 pushing the world to embrace digital on every front, your web and mobile applications are more at risk from cyber threats and security violations. Hence, you must proactively monitor application security risks and take preventive measures to mitigate them.
It is essential to understand that cyber threats are here to stay even after the ongoing pandemic because global digital usage is expected to increase continuously in the coming years.