3 STEPS TO PROTECT YOUR DATA FROM COVID-19 SCAMS
Coronavirus (COVID-19) isn’t just a growing threat to public health – it’s also a growing threat to your company’s cybersecurity. From using scary subject lines to adopting faux official letterhead, bad actors are scrambling to use the climate of fear and disruption caused by COVID-19 to their advantage. Disasters, emergencies, and global pandemics provide a target-rich environment for cybercriminals to launch phishing attacks and employ other dirty tricks to gain access to your data. It only takes one staffer opening a bogus email, clicking on a dangerous link, or downloading a malware-laden attachment for them to succeed.
Australia, in particular, has seen an increase in cyber risks and threats amid the intensifying outbreak. That’s led the Australian Cyber Security Centre (ACSC) to release a new threat update
exposing the patterns of these schemes through a series of case studies.“Cybercriminals are very opportunistic and we are seeing an increased targeting of Australians through COVID-19 themed malicious activities,” said
the acting head of ACSC, Karl Hanmore. Over 100 scam cases have been reported to the Australian Competition and Consumer Commission’s Scamwatch in the last three months with a significant surge in malicious cyber activities affecting businesses
and individuals since early this month. This is why the new threat advice update also outlined practical security measures
to be practised by businesses and individuals alike, as private networks can be a lot less secure than an organisation’s patched up operating network.
Here are three ways that you can act immediately to prevent a potentially disastrous Coronavirus-related data breach.
1. Plan, Preserve and Protect
Use expert guidance from agencies like CISA to prepare your organisation for risks posed by COVID-19. Is your cybersecurity plan adequate for the unique challenges presented by increased virtualisation if your staff is quarantined or working remotely for safety? Two-factor authentication and other tools like VPN help keep your organisation’s data and systems safe even when workers aren’t in the office.
2. Trust but Verify
Get updates about COVID-19, scams and frauds related to the Coronavirus pandemic, and its impact on cybersecurity from trusted, official sources, and encourage your staff to only use vetted information for planning and communications. Be wary of any email with a COVID-19-related subject line, attachment, or hyperlink. Avoid sharing or clicking on social media posts, text messages, or IMs offering Coronavirus information, vaccination, treatment or cures.
3. Make Prevention a Priority
Refresh every staffer’s training on how to spot phishing scams and online fraud. Remind your staff that government agencies will never ask for sensitive personal, financial or business information via email. Reinforce that clicking on links or opening attachments from unfamiliar sources is a quick way for scammers to infect your systems with malware. Employee Security Awareness Training and Phishing Simulations can help make sure that your staff is ready to spot and defend against attack. Constant vigilance against cyberattacks is a smart strategy for any business. In these uncertain times, we’re happy to be your trusted source for the tools and strategies that you need to keep cybercriminals out of your business.