Please check earlier blogs “Easy Fix Remote Work Cyber Security Checklist”, “Management, Director and Employee Responsibilities”, “Cybersecurity COVID 19 Guidelines for Small and Large Businesses” focused on how to secure from cyber-attack as we continue to work remotely. In today’s blog post, we have a few examples of what ‘s happening around.
You must have heard about the “Zoombombing” on eLearning classes at Arizona State University and The University of Southern California. To keep it short, Zoom has published a blog post on steps to take to keep would-be crashers out of Zoom meetings. The most important one is that the host should limit the screen sharing to themselves.
Attackers often take advantage of current events, money concerns, or certain times of the year. The overwhelming news coverage of COVID19 has created an opportunity for scammers to trick people into sharing their personal data and credentials or spread malware through email attachments. Phishing attacks may appear to come from other types of organizations, such as charities and government agencies. The areas that are likely exploited in such circumstances are:
- Stimulus Checks
- Free offers
- Refunds and returns
- Fake cures
- Access to online platforms – Netflix, Amazon Prime, Memberships, etc.
- Announcement from CDC, WHO, etc.
- Charitable contributions
Phishing emails often look “official”, some recipients may respond to them and click into malicious websites resulting in financial losses, identity theft, and other fraudulent activity. Some quick checks to discover phishing emails:
| Hover over Friendly FromURLs contains a misleading domain name. Contains a mismatched URL. Incorrect grammar/selling plain text/absence of logosMessage body is an image request for personal information suspicious attachmentsUrgency | Email address The message asks for personal information, the offer seems too good to be true you didn’t initiate the actions you are asked to send money to cover expenses message makes unrealistic threatsDetect unusual logins |
Below are the examples of phishing emails in circulation that you can take note of:
Email 1 – Access to online platforms
Email 2 – Fake Medical Supplies
Email 3 – World Health Organization and Center for Disease Control Emails posted on Berkeley Security Education site
