While the majority of society is facing setbacks and slowdowns due to Coronavirus, cyberhackers are flourishing.Many of them are taking advantage of the fear surrounding COVID-19 and using it to stage phishing attacks through fake and fraudulent emails. According to a U.S. Secret Service alert obtained by CNBC, these email attacks often include attachments that allow criminals to “remotely install malware” to “potentially harvest credentials, install keyloggers or lock down the system with ransomware.”
And it’s showing no sign of slowing down. According to a recent report, phishing email attacks are up over 600% since the end of February.
So, what’s the best way to approach an email in your inbox that could be a threat in disguise?
Proceed with Caution
When it comes to spotting fraudulent emails, follow these tried-and-true cybersecurity tips:
- Make sure your email platform, web browsers, antivirus packages and security programs are all up-to-date.
- If you’re unsure about an email, do NOT click on it. With some attacks, simply clicking on an email can make your information vulnerable to phishing. You can still analyze whether or not an email is real without clicking on it.
- Spot fake emails from the start by double-checking the sending information. Is it a name you recognize? Does the address look accurate and legitimate? Does the subject look strange? For example: Does it feel sensationalized, threatening or like click-bait?
- On your email platform, you should be able to see a preview of your messages. If there is a generic greeting or a misspelling of your name, consider this a red flag.
- If you accidentally open a fraudulent email, do NOT click on any links or download any attachments.
Once you have identified a potential fraud email, there is a crucial second step that will not only help you and your company continue to stay safe but other potential victims around the world.
Report Your Fraudulent Emails
Reporting your emails to both your own IT manager or employer and the proper authorities will increase the likelihood that these cybercriminals are caught. And with many people being frustrated that hackers taking advantage of vulnerable people with COVID-related attacks, more and more are choosing to report them.
In fact, the United Kingdom has established a service specifically for people to report fraudulent emails and cybercrime. The National Cyber Security Centre was launched on April 21st and as of April 27th, they already received over 5,000 reports of fraudulent emails and phishing attacks, leading to 83 schemes being shut down.
Here in the United States, there are also several places where you can report your potential phishing emails to make a difference:
- Your IT Manager or Provider: This step is the most important because it could keep your co-workers from becoming victims and your business information safe.
- Your State Consumer Protection Offices: This helps your local government become aware of potential schemes or patterns throughout the state.
- Your Local Police: If you lost money or other valuables information in a phishing attack, consider informing your local police and filing a report.
- Government Bodies: If you receive an email where someone is masking as a governmental body, you can inform the real organization using this contact directory.
- The National Center for Disaster Fraud: The NCDF specializes in monitoring and handling scams that revolve around natural disasters and emergencies, such as the Coronavirus.
By choosing to take the time to report potential email phishing attacks you come across, you’re helping others avoid becoming victims of invasive cybercrimes.
If you have additional questions on how to keep your business safe online while navigating the pandemic, please contact Switchfast today to discuss your options.