In the age of coronavirus, it’s very easy to take cybersecurity for granted. Your business is dealing with severe economic and financial difficulties – surely there are more urgent things to worry about than a cyberattack? Don’t the cybercrimals have better things to do than target your website?
Unfortunately, the opposite is true. In times of crisis, cybersecurity is more important than ever:
- Cybercriminals know that business owners tend to deprioritise cybersecurity
- There is often an abundance of sensitive data – medical records, contract alterations, HMRC claims
- Fear and alarm give cyberattackers new and dangerous ways to target you and your staff
In fact, the BBC recently reported that Google is blocking 18m coronavirus scam emails every day.
In today’s article, we’re going describe some of the cyberattacks that you need to be ready for in the age of coronavirus.
Phishing Attacks In The Age Of Coronavirus
In our last post on the new types of cyber attack we introduced the concept of the “phishing attack”. This is where a cyberattcker tries to get you to disclose sensitive information by pretending to be:
- A customer
- A colleague
- Your bank
- Amazon/Apple/Google etc
Cybercriminals will not let a crisis go to waste. They know that business owners are anxious at the moment. Anxiety makes you vulnerable to phishing attack because you tend to react without thinking.
One common coronavirus phishing attack tries to get you to donate money. The email will claim to be from a trusted institution like a church, a charity or even the WHO. These are especially effective because they take advantage of your generosity and civic spirit. Who doesn’t want to help a charity or NGO when the world is in a crisis?
Business owners have also reported phishing emails claiming to be from the government. The message tells you to download some essential software, for example:
- An app to track the virus
- An online payment processor for furlough claims
- A special tax return gateway related to the coronavirus
Of course when you download the software, it turns out to be malware or ransomware. Phishing attacks from hackers claiming some sort of authority can be particularly hard to counter. You’re worried about getting into trouble, so you tend to follow the instructions without taking any time to double check the source.
How To Spot A Coronavirus Phishing Email
The National Cyber Security Centre has put together a useful guide to dealing with phishing attacks. The first step is spotting that the email is fraudulent. Here are five tell-tale signs:
- Authority – the sender will claim to be from your bank, your doctor or HMRC
- Urgency – the email will claim you need to act NOW (or within 24 hours etc)
- Emotion – the most dangerous phishing attacks prey on your emotions; coronavirus emails will try to make you panic or anxious
- Scarcity – a typical coronavirus phishing attack might promise you something in short supply like a mask (or even a cure)
- Current Events – “Criminals often exploit current news stories, big events or specific times of year… to make their scam seem more relevant to you”.
What To Do If You’ve Been Phished
First of all… don’t panic! Most cyberattacks can be remedied if you catch them early enough and know exactly what to do.
Before you do anything else, run a full antivirus scan. Then change all your passwords. If the phishing attack was financial, contact your credit card company and bank straight away.
At this stage you might want to bring in a cybersecurity expert. They will be able to check if you’ve been compromised and get you back up and running straight away.
If you are concerned that your business might be targeted with coronavirus cyberattacks, please get in touch. Our experts are on hand to talk you through exactly what you need to do.
And if you’d like complete peace of mind during these frightening times, consider one of our managed website security packages. We stay up to date with all the latest cyber threats so you can focus on running your business.