cybersecurity

TeamCISO Coronavirus Email Security Guidelines.

 

Cyber Security Analyst Justin Rogerson at Teamciso explains; With Covid-19 taking over the world right now, cyber attackers are taking advantage of the fear over this virus to create their own. Cyber attackers love crisis and will use it to their advantage when it comes to these email attacks. What sounds like it might help you turns out to be the opposite. An attacker can use an email like “Coronavirus Canada tracker: How many cases in your area?”, they will then get you to click on the link provided and ask for personal information.

Other email-based scams include one claiming to be from the World Health Organization (WH0). The email, which claims to hold crucial COVID-19 safety advice, has an attachment which downloads a keylogger, allowing scammers to follow the online movements of the user, and gain access to their device and personal details.

What to do?

Bottom line it’s smart to avoid any ads seeking to capitalize on the coronavirus and here are ways to recognize and avoid coronavirus-themed phishing emails.

Like other types of phishing emails, the email messages usually try to lure you into clicking on a link or providing personal information that can be used to commit fraud or identity theft. Here’s some tips to avoid getting tricked:

  • Beware of online requests for personal information.A coronavirus-themed email that seeks personal information like your Social Security number or login information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data.
  • Check the email address or link. You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. But keep in mind phishers can create links that closely resemble legitimate addresses. Delete the email.
  • Watch for spelling and grammatical mistakes.If an email includes spelling, punctuation, and grammar errors, it’s likely a sign you’ve received a phishing email. Delete it.
  • Look for generic greetings. Phishing emails are unlikely to use your name. Greetings like “Dear sir or madam” signal an email is not legitimate.
  • Avoid emails that insist you act now.Phishing emails often try to create a sense of urgency or demand immediate action. The goal is to get you to click on a link and provide personal information — right now. Instead, delete the message.

 

Some examples to look out for include the following and are based off of actual scams:

 

 

Thanks for reading this and stay safe and healthy out there 🙂

 

TeamCISO:

was formed in 2015 by a group of Cyber-security practitioners with experience in large enterprise. Our mission is to bring those frameworks and practices to help small to medium businesses get and stay cyber secure.

Our team can help you asses your current information Security and Privacy Controls to ensure that you are doing you due-diligence in managing your corporate risk profile.

If any gaps or vulnerabilities are discovered, our team will document these as well as define a road-map to remediation.

Set up a free 30 minute Cyber Security Consultation!

Leave a comment