- There are several Threat actors, who are actively engaged in leveraging the COVID19 situation to lure their victims to traps. This includes Phishing campaigns, Social engineering attacks impersonating WHO, National/Govt. Health Org’s and IT service organizations such as Microsoft, Google, Apple, Etc.
- Threat actors are also, leveraging attachments via email and uploading malicious files and applications to disperse Ransomware.
- Organizations should enforce technical controls in place to restrict web browsing to low confidence/bad reputation sites, download & upload service.
- Organizations should also actively inform employees regarding the new threat campaigns and coach them on the best practices and cyber hygiene.
- Also since the current threat campaigns are focusing on COVID, initiate an Official Channel of communication with employees keeping them aware of the latest developments and clarify questions and queries that they may have.
- Ensure employees are adequately conscious when clicking on the email links and attachments. They should ensure that they are not downloading applications or files from the internet.
- Employees should also be wary of Calls, Sms, email received which may ask for personal/professional information, credentials, etc. Always validate the identity of the person on the other side.
- Don’t share your personal or confidential information with anyone pretending to be from a healthcare department. Always remember sharing your Personally identifiable information (PII) with anyone is not recommended unless you are aware about the authorities and people involved.
- Highly recommended to use only work-issued devices for your work. Do not use your personal emails or messaging apps on the same system. Use a VPN to connect with your company’s network.
- Don’t click on any forwarded link on your work-issued laptop, and be aware of phishing scams and attacks.Keep a check on the pictures which you are sharing about the team meetings: no confidential or client data is being exposed.
So we urge everyone to be extra vigilant against online scams, including phishing and malware, that are more prevalent in times like these.
Image credit: Pixabay.com