It hasn’t taken cyber criminals long to turn the Coronavirus pandemic into a money making scheme. With more people working from home and face-to-face meetings cancelled, now is the time to remind clients that you are exchanging emails with to be more vigilant.
Cyber criminal have used the current pandemic, and have begun to impersonate the World Health Organisation and Centres for Disease Control and Prevention preying on the vulnerabilities that have no doubt arisen as a result of what is currently happening in the world.
Although these emails are purporting cover ups of vaccines, and other farcical information, it has been catching people out, with scammers obtaining bank details and stealing thousands from victims.
This may seem a far cry from the world you work in, but as more and more communication is conducted online over the coming weeks, reminding people how to spot fraudulent emails can be worthwhile. After all, we never know who the cyber criminals will target next.
They may choose to clone your email domain, and contact your clients asking them to pay an urgent invoice, which then gets squirrelled away and potentially used to fund further crime.
Phishing still remains the most popular tactic in the cyber criminals arsenal, as often it can mean little work for a huge reward. With regards to the Covid-19 pandemic, researchers have found five types of phishing emails currently being utilised by hackers. These are:
- Click here for a cure emails which installs malware on the victim’s computer
- Tax refunds relating to the virus which harvests personal information from the victim
- “Little measures that save lives” and email from the World Health Organisation and/or Centres for Disease Control and Prevention claiming that if you open the attached file you can keep yourself and your loved ones safe. This file installs malware on the victim’s computer
- Information saying the virus is now airborne, encouraging victims to click on a link which then installs malicious software
- Donation emails asking for ‘bitcoin’ donations to help fight the fight against the disease
Overall, Kaspersky says it has detected more 513 different files with coronavirus in their title, which contain malware.
David Emm, Principal Security Researcher at Kaspersky, said:
“We expect the numbers to grow, of course, as the real virus continues to spread.”
Advice to give to clients
We would recommend, when you communicate with your clients you discuss the potential of phishing (fraudulent) emails and remind them that they usually contain the fHighlighting things such as:
- Spelling mistakes
- Grammatical errors
- Odd financial requests
Reminding clients to double check the email address of the sender, to ensure it is from the genuine person or company. Cyber criminals can copy the domain of an organisation, but not a 100% likeness. There will be small changes in the email, which at first glance may be difficult to spot, but upon further inspection may highlight a cyber criminal’s attempt to fool them.
