As if businesses didn't have enough to worry about, online scammers have started sending out malicious e-mails to organizations about coronavirus that appear to be from business partners or public institutions.
The criminals send these to rank and file employees in the hope that at least one of them will click on a link or attachment in the email, which unleashes malware or tries to trick them into wiring money for supplies purportedly to protect the organization's workers.
The number of malicious emails mentioning the coronavirus has increased significantly since the end of January, according to cyber security firm Proofpoint Inc. The company noted this isn't the first time they had seen such widespread cyber-attacks associated with some type of a disaster. But because this is global in nature, it decided to track the new threat.
The practice of launching cyber-attacks centered on global news and outbreaks (like the current COVID-19 coronavirus) isn't anything new. Cyber criminals have long employed these tactics to take advantage of users' desires to keep up to date with new information, or to evoke powerful emotions (like fear) in the hope that their sentiments will get the better of them and they will not pause to check for the legitimacy of these emails.
Cyber criminals are using the public's ignorance about coronavirus, as well as the conflicting claims of how to protect against it, to lure people into clicking on malicious links or to get them to wire money. Because people are afraid, their guards may be down and they may not be as careful about identifying the email as dangerous. For example:
Some real-life examples
What you can do
All that it takes to break into your business is a cleverly worded email message. If scammers can trick one person in your company into clicking on a malicious link, they can gain access to your data.
It's important to train employees on how to identify suspicious emails. They should avoid clicking links that: