COVID-19 Cyber Attacks on The Rise: Protect Yourself and Your Business

With the rise of the COVID-19 pandemic has come a rise in cyber-attacks and scams by criminals looking to profit from the turmoil. From phishing email and text scams to fraudulent banking and shipping scams (which you can read about on the Federal Trade Commission’s website here), criminals are going through great feats with the hope of profiting off of your company’s vulnerabilities. So, to mitigate your susceptibility to some of these scams, we suggest the following practical tips:

• Ensure you and your employees’ computers, phone and other electronics are up-to-date. Security patches are often contained in updates.
• Change your passwords often.
• Verify the accuracy of activity on your bank accounts, credit cards and payment processing accounts. Fraudulent transactions are on the rise, so you want to be vigilant about checking every transaction from a secure internet connection and up-to-date computer.
• Do not answer calls from unknown numbers AND hang up on robocalls. If someone important is calling you, he/she will likely leave a voicemail.
• Do not click on links contained in texts or emails without verifying the identity of the recipient. Scammers are impersonating agencies such as the Center for Disease Control and may even impersonate your coworkers or family members, so please verify the sender of a message is legitimate prior to opening any links.
• Beware of fraudulent text alerts that appear to be from common carriers like UPS, FedEx and do not click links contained in any of these “alerts.”
• Verify the senders of your emails and texts prior to answering or forwarding any messages. Phishing criminals are clever and may send you a fraudulent message with anything from one small digit or letter off from a legitimate email. Here are some examples to consider – keep in mind that my correct email address is miya@jvclegal.org:
  • Email from: miya@jvclegal.com (incorrect domain name)
  • Email from m1ya@jvclegal.org (digit replacing letter)
  • Email sender name that says “Miya Owens” but when you hover over the name, actual email sender is something like i2343414312@icloud.com
  • Text message from your colleague asking you to wire money or download an app or anything else that immediately seems odd
    • Text spoofing is common, so messages may appear with an actual contact’s phone number as the sender. If this occurs but the message’s contents seems suspicious, pick up the phone and call the supposed sender to verify the message was sent by him/her.
• Consider turning off smart devices (e.g., televisions, speakers) when you’re having work-related conversations, as these conversations may be recorded without your knowledge or consent.
• Limit access to work documents and information on all of your devices. If you share a device, protect your files with a unique login and password and limit access to files on shared drives to only yourself or colleagues who actually need access.
• Take advantage of new security features and updates on meeting programs, like Zoom and Microsoft Teams. Zoom has recently updated its privacy and security features to fight the practice of “Zoom-bombing” and describes added precautions you can take when using its program on its blog here and here.