As the uncertainty surrounding COVID-19 impacts every aspect of daily life, it is important to remain vigilant against threats to the security of sensitive information.
Cybercriminal activity increases when pandemics strike, as actors take advantage and prey upon fear and uncertainty. Phishing attacks via email, text message and phone calls are the most common, as cybercriminals impersonate financial institutions, healthcare providers and emergency aid organizations in the hopes of obtaining sensitive information. The fraudulent correspondence may offer access to a vaccine or an attempt to collect money for victims of the virus.
The current threat from phishing scams is so significant that the U.S. Secret Service recently issued an alert that opportunist criminals are attempting to exploit human fear. Similarly, the World Health Organization (WHO) has posted a page on their website, noting that there are fraudulent parties that may claim to disguise themselves as WHO to steal money or sensitive information.
Being informed and maintaining vigilance can help individuals and businesses avoid this type of cybersecurity threat during the COVID-19 pandemic. The DHG IT Advisory team recommends the following steps to stay protected:
- Keep an attentive eye for any phishing attacks through texts, emails and phone calls that offer fast services such as medical assistance or charity collections.
- Make sure all anti-malware software is updated on your electronic devices.
- Refrain from clicking on links within emails requesting monetary donations. Instead, directly visit the website of the organization to contribute your gift.
- Only make monetary donations to organizations that you have researched well, or that have established reputations, such as the American Red Cross.
- Do not give financial or account information via phone call from an unfamiliar person. Your bank should never call and request sensitive information.
- Businesses should have an incident response plan in place in the event that a cybersecurity breach does occur.
- Businesses should create a recovery plan and a business continuity plan to operate with the proper security in the event normal business operations are interrupted.
For more answers on how to protect from various cybersecurity threats, please contact a member of the DHG IT Advisory team. Visit https://www.dhg.com.
There is a wealth of information on DHG’s COVID-19’s Resource page https://www.dhg.com/covid-19
About the Author – Tom Tollerton has more than 15 years of experience in the cybersecurity industry and manages the firm’s cybersecurity and data privacy compliance services. Tom focuses in cyber risk management, data privacy compliance, SOC reporting and PCI compliance assessments. His experience includes performance of cybersecurity risk assessments and data privacy assessment and consulting projects, and various compliance audits. His clients include organizations of all sizes in the fintech, dealership, communications, insurance and software industries, including Fortune 500 corporations.