Don’t Let Your Network Be Infected Thanks to Coronavirus

Don’t Let Your Network Be Infected Thanks to Coronavirus

Ever since it first popped up in the Wuhan Province of China, COVID-19 (better known as the coronavirus) has created quite a stir—bordering on panic—around the world. Unfortunately, as has been the case many times before, cybercriminals have been using this near panic to support their attacks. Let’s review some of the ways they do so, and how you can protect yourself and your business from these efforts.

How are Cybercriminals Using Coronavirus?

“You can sit in a room and create anything you want on a laptop. That’s why the real con men are gone.”– Frank Abagnale

Reformed con man and FBI consultant Frank Abagnale is right, as the cybercrimes shaped around the coronavirus have proven. Due to the deep anxiety and trepidation that the media coverage of COVID-19 has encouraged, cybercriminals have been handed an opportunity to take advantage of the panicked populace through phishing attempts… an opportunity they have embraced since the end of January.

These themed attacks have been directed toward a variety of targets. For example:

  • Healthcare providers have been targeted by phishing attacks that deliver keylogging malware, meant to look like emails from local hospitals or the World Health Organization.
  • “Informational” emails referencing coronavirus have enabled hackers to introduce ransomware to the populace.
  • Members of the supply chain have seen coronavirus emails that install information-extracting malware through malicious Microsoft Word documents.

Of course, this kind of activity has been going on for far longer than the Internet has been around… it’s just that the Internet makes these attacks much more efficient and effective.

How this Complicates Things

Unfortunately, the latest application of these attacks have proven effective. Much of this is likely due to the fact that they are leveraging a very visible and nerve-wracking event, which helps to boost the interest of a target. This same tactic is the reason that so many phishing attacks are launched right around tax time, and why fraudulent messages were shared via SMS claiming that the recipients needed to register for the draft… for a fee.

Whatever the approach, the tactics have remained the same: scare the recipient enough that they don’t consider that the message may be fraudulent, and give them a perceived “out” if they turn over their information.

Adding to the complexity, the situation with COVID-19 is just different enough from other events that cybercriminals typically take advantage of, for it to be uniquely dangerous. For instance, many of the other disasters that a cybercriminal will use to their advantage are over in a relatively short time frame. In comparison, COVID-19 has already spent weeks dominating the headlines, with no way to tell how many more weeks (or months) are yet to come.

In addition to this, coronavirus is largely unprecedented, unlike the foundation of many other phishing attacks (such as major sporting events and the like). This means that there is no real resource that is known to be trusted for people to turn to. For weather events, the National Weather Service and FEMA fill that role… no such resource is as commonly trusted for coronavirus.

What Can Be Done

In most cases, resisting these efforts will require a combination of basic cybersecurity measures and--perhaps more critically--user awareness and education. While your protections will ideally block the majority of phishing attacks and malicious messages, you need to be sure that your employees are aware of how such attacks should be handled:

  • Train effectively - Rather than taking up half of one day on a dull and repetitive training seminar, split your training efforts into shorter pieces, focusing on assorted aspects of the threat at hand. Give your team the knowledge they need to recognize phishing attacks and understand the importance of mitigating them.

  • Emphasize that phishing goes beyond email - Remind your staff that phishing is far from an email-exclusive threat. While email-based attempts are common (and perhaps the most well-known means of phishing someone), phishing can happen through text messaging or even a voice call.

  • Report any and all suspicious attempts - This includes those that your staff may have fallen for. Without this collected knowledge, how can you expect to protect your business by avoiding future attacks or responding quickly and decisively? Resist any temptation to retaliate against a staff member who was bamboozled, as this will only encourage them and others to hide their mistakes… something you definitely don’t want.

Whether a cybercriminal uses coronavirus or some other story to try and phish your employees, it is important that they know how to spot them, and how to properly respond when they do. For more assistance in handling these threats, give BNMC a call at 978-482-2020.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, March 30 2020

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Productivity Privacy Cloud User Tips Microsoft Email Network Security Software Computer Hackers Malware Hosted Solutions Data Google Business Communication Small Business IT Services Efficiency Mobile Devices Workplace Tips Tech Term Hardware IT Support Managed IT Services Internet Innovation Ransomware Backup Cloud Computing Data Recovery Smartphone Smartphones Android Outsourced IT Upgrade Windows Users Miscellaneous Saving Money Mobile Device Windows 10 Facebook Phishing Information Data Backup Managed IT Services Business Management Server Microsoft Office Social Media Business Continuity Cybersecurity Network Office 365 Browser Internet of Things Data Management communications Windows 10 Passwords VoIP Productivity Gadgets Word Vulnerability App Remote Monitoring Gmail Disaster Recovery Quick Tips Infrastructure Managed Service Chrome Apps Artificial Intelligence Encryption Money IT Support Settings Managed Service Provider BYOD Tip of the week Analytics Save Money Website Employer-Employee Relationship Applications Router VPN Access Control Virtual Reality Company Culture Employee-Employer Relationship Government Unified Threat Management Computers Remote Workers Information Technology Development Google Drive Maintenance Display Collaboration Firewall Content Filtering Avoiding Downtime Bandwidth YouTube Antivirus HIPAA BDR Apple Risk Management Robot Education Networking Storage Office Tips Automation Paperless Office IT Management Data Security Hacker Data storage Virtual Private Network Big Data SaaS Managed IT Downtime Wi-Fi MSP Outlook Data loss Tablet Augmented Reality Spam Computing Holiday IT Managing Stress Bring Your Own Device Operating System Virtualization WiFi Telephone Systems Marketing LiFi desktop Social OneNote Social Network Humor Data Breach Retail Alert Hosted Solution Windows 7 Two-factor Authentication Administration Managed IT Service Mouse Software as a Service Customer Relationship Management Scam Document Management Vendor Management Monitors Break Fix Solid State Drive Chromebook Mobile Security Wireless Search Printing Business Intelligence Hard Disk Drive iOS End of Support Password Laptop Business Technology The Internet of Things Remote Computing Server Management Touchscreen Mirgation Recycling Managed Services Utility Computing Techology IoT Updates Smart Technology Device Reducing Cost Gamification How To Lenovo Cookies Alt Codes Cybercrime Mixed Reality Writing Statistics K-12 Schools LED Threats Mail Merge Blockchain Social Networking Migration Consulting Downloads Computing Infrastructure Professional Services Chatbots eWaste Budget Laptops Dark Data Update VoIP Unified Threat Management Star Wars Digital Payment PowerPoint Shortcut Distributed Denial of Service Disaster Mobility Batteries COVID-19 Firefox Superfish Nanotechnology Typing Digital Bluetooth Comparison Wearable Technology Network upgrade Co-Managed IT Politics Holidays Address Permissions Motherboard Cables Best Practice Alerts USB Current Events Identity Continuity Customer Service Managed Services Provider User Error Fraud Cost Management Halloween Onboarding GDPR Work/Life Balance Distribution Patch Management Uninterrupted Power Supply Print Toner Myths Private Cloud Screen Reader Charging Cryptocurrency Spyware Slack Hard Disk Drives Office Samsung Specifications Smart Office Content Huawei Tech Support Payment Card Wires Google Docs Computer Care IBM Messaging Heating/Cooling Multi-Factor Security Licensing Dongle IT solutions Going Green File Sharing Solar Entertainment Vendor Time Management Printer Assessment Hacks Scary Stories Digital Signage Data Warehouse Logistics Google Wallet Shortcuts Mobile Management Smart Tech Bitcoin Identity Theft Running Cable Monitoring Solid State Drives Social Engineering Black Friday Work Streaming Processor Websites Inventory Emergency Voice over Internet Protocol Business Growth Training Corporate Profile Employee-Employer Relationships Servers Google Calendar Cooperation Service Level Agreement Buisness Dark Web Compliance Legal G Suite Virtual Desktop Hybrid Cloud Network Management Hotspot Internet Exlporer Automobile Sports Troubleshooting Business Analysis Asset Management Optimization Unified Communications Drones Dell Security Cameras Profiles Connectivity Windows 8 Spying National Security Safety Cyber Monday IT Technicians Human Error Memory Shadow IT Modem FinTech WannaCry Analysis Students Legislation Staff Leominster Cabling Memes Microsoft Excel Regulations Deep Learning Scalability Network Congestion Conferencing SharePoint Language Value Mobile Device Management Google Maps Virus Web Server what was your? IT Budget Machine Learning GPS Processors Unsupported Software IT Consultant Mobile Computing Cameras Meetings Computer Repair Relocation Tracking Financial Mobile Data Cleaning CCTV Recovery How To Webcam Health Remote Work Black Market Error Law Enforcement Point of Sale Ben McDonald shares Electronic Medical Records Regulation Notifications Physical Security Twitter Travel Emoji Upgrades Gadget Supercomputer CrashOverride Crowdsourcing Personal Information Botnet Staffing Motion Sickness Taxes Cortana Administrator Printers 3D Printing

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3