Cybercriminals have a tendency to take advantage of ‘hot topics’ in the hope of targeting people with a vested interest or concern about current issues. As a result the Coronavirus (COVID-19) pandemic has become an area targeted by attackers.

Using techniques such as phishing emails, ransomware and malicious software, all with a coronavirus stance to lure people worried about the virus.

The most common means of attack have been phishing campaigns that utilise coronavirus themed emails which contain malicious content.

Given the interest people have in wanting to understand more about the pandemic, cybercriminals are attempting to direct recipients to false content such as maps depicting where and how the virus is spreading, malicious attachments or false links.

As a greater number of people are now working from home, fraudulent VPN apps are being deployed by cybercriminals in attempt to lure users into downloading and installing malware.

To better protect both yourself and your organisation against such threats we recommend the following approach:

Be sure to only download files from websites and sources that are trusted.

  • Make sure you double check that the websites you are using are legitimate. 
  • Only use VPN software setup by someone you trust – ideally by your IT support provider. 

Be aware of email content

  • If you have any doubt about the validity of a link, do NOT open it. Be sure to check the URL thoroughly and make sure it is authentic.
  • Be cautious of emails asking for confidential information.
  • Never open shortened email links
  • Emails that ask for credentials, credit card information and other sensitive data are most often not legitimate.
  • Legitimate organisations such as banks, will never request sensitive information via email and will always redirect you to a secure website or other channels.

Be cautious

  • To significantly reduce the chance of becoming a victim to a phishing attack, it is best to be as careful as possible while browsing online and checking emails.
  • Check the authenticity of the sender of any email you download information from. If there is any doubt at all, do not click on it and report it to your IT support provider immediately.