Hackers are always taking advantage of others’ misfortunes, and they have even gone so far as to leverage the COVID-19 pandemic in efforts to launch phishing attacks. How have hackers utilized this worldwide disaster to their benefit, and what can we do to keep our organizations secure in this troubling time? Let’s find out.
SecureList reports that spam and phishing trends in Q1 of 2021 took heavy inspiration from the COVID-19 pandemic. Here are some of the major threats detailed:
Early in 2021, businesses and individuals received stimulus payments from governments in the form of economic impact payments or business bailouts. Hackers used this opportunity to swindle others through the use of phishing messages that were surprisingly professional in appearance. These kinds of messages often target users of specific banks and utilize nearly identical phishing websites to steal credentials. Others might enter information while attempting to sign up for the latest details about the pandemic, putting these sensitive credentials at risk. It’s a classic example of fearmongering being used for the profit of others.
There was a time at the beginning of the year when the COVID-19 vaccine was difficult to get. Even though the situation has improved significantly, this initial rush created the perfect storm for hackers’ phishing emails that replicated the language and looks used in official health organization correspondence. Users could click on a link in the message, being redirected to a form for inputting personal information or banking credentials. Even those who were lucky enough to get the vaccine were subject to fake surveys to harvest this information.
If your website has standard web forms that email you, you are probably used to seeing some unsolicited submissions. Even with features like Google’s reCAPTCHA, which is designed to stop bots from filling out forms, junk can still come in. Website owners have been seeing an influx of attacks, pretending to be lawyers, copyright holders, and other entities. These messages usually come bundled with URLs leading to dangerous malware or ransomware. If you get a message from the forms on your website, be very careful about clicking links. It’s a good idea to copy/paste some of the text from the email into Google to see if it is one of the many common scams going around, or reach out to us at Horne & Benik.
Hackers are always trying every trick in the book to infiltrate your business’ defenses. Phishing attacks are nothing new, so it’s your job to keep up with the latest and make sure that you are doing all you can to protect your organization. Here are a couple of ways you can do just that.
Horne & Benik can help your organization navigate the challenges of network security. To learn more about how we can train your employees, perform regular “tests,” and optimize network security, reach out to us at (603) 499-4400.
Comments