Given current events, we want to keep you informed about how the COVID-19 Coronavirus pandemic has impacted businesses from a cyber perspective.
Since the start of the new year, cyber criminals have registered over 4,000 domain names containing the phrases “Corona” and/or “COVID”. These domains are being used to execute phishing and ransomware attacks disguised as Coronavirus related emails. Fraudulent emails may come in the form of a message from the Center for Disease Control & Prevention (CDC), health advice from a medical specialist, or even internal workplace policy notifications. Click here to learn more.
Best Practices to Avoid a Cyber Incident
Since many businesses are instructing staff members to work remotely to mitigate the spread of COVID-19, the chances of companies experiencing a cybercrime incident, such as a phishing scam or ransomware attack, have increased dramatically. Here are some helpful practices that you can utilize to avoid falling victim to these attacks:
|1. Multi-Factor Authentication: In order to prevent hackers from obtaining access to emails, we highly recommend utilizing Multi-Factor Authentication (MFA) when logging into email related accounts and applications that require a username and password. MFA will send a text / alert to the user’s cell phone with an authorization code, which will be used to confirm the person logging into the email account is in fact them. This is one of the most successful methods of preventing hackers from using brute force attacks, in which they run a program that rallies through a series of passwords until one works.|
|2. Phishing Training: One of the best practices that businesses can employ in order to prevent fraudulent email incidents is to train personnel on how to spot them. There are a number of vendors which offer training platforms for your workforce, such as ThreatAdvice.|
|3. Advanced Preparation / Anticipation: In the event of a phishing or ransomware attack, it is important to have a plan of action in place in order to contain the incident as quickly as possible. One of the most important considerations is communication. Who should be notified first? Who all should be notified? How will communications be handled if your email is shutdown?|
|4. Employee Awareness: One of the free and most effective measures you can take is to simply heighten the awareness level of your employees. A simple email addressing the increased exposure of scams due to the pandemic can prevent an event for your company.|
|5. If You Are Attacked: If you have a cyber liability policy with us, contact us as soon as possible so we can coordinate communications with your Breach Coach. Your Breach Coach will have vendors and specialists ready to help you through the event.|
Recently Reported COVID-19 Hacks
Click the links below for more information on targeted COVID-19 hacks in recent news:
Below we’ve included a news brief with more information on how these cyber criminals are trying to take advantage of the current situation and ways employers can respond.
|Check out our COVID-19 Resource Center for more resources and information.|