Security scams and Coronavirus

The world is currently experiencing the worst Coronavirus pandemic. We can see businesses slowing down, disruptions in transportation, schedules being altered, closures of educational institutions, and many other changes in our daily lives. While the crisis is dangerous and overwhelming, scammers are trying to make money from it. Scammers and hackers always use the current political and economic climates to get people to give their personal and financial details. The most common attack in the Information security field is the ‘phishing attack’. This has been increasing in popularity since the ‘Coronovirus’ outbreak. While we are all online researching the latest health threats, others are sending us malicious messages to gain monetary or personal benefits.
According to a Department of Homeland Security press release, scammers sent emails pretending to be Coronavirus health organizations to innocent victims. They also played the ‘fear game’. These malicious links were also clicked by innocent victims who discovered that malware was installed on their computers or that their personal/financial data was stolen.
2. Most corporate IT companies today use WFH (Work From Home).
It is better to give employees permission to work from home if they have not been granted permission by higher security regulations (maybe conservative organizations). This will provide enhanced security for employees working remotely with sensitive corporate information.
Scammers will also attempt to access corporate data and apps through personal devices/laptops. This is because employees are more likely to be using their laptops to browse the internet, check email, and use other apps.
3. Are you looking at maps and information about COVID-19? You are not the only one looking for it. Hackers also know that you have been viewing maps and information relating to COVID -19 in the background. This malware steals usernames and passwords, credit card information, and other information from the browser. It can also be sold in the deep web.
Even though fear is spreading all over the globe, about the COVID-19 epidemic, it is important to be cautious online. This will help to ensure that the situation does not get worse.
1. According to the WHO (World Health Organization), there is a lot of fake emails that claim to be from the WHO regarding the COVID-19 emergency. It recommends that you first verify:a. email addresses before clicking them (emails from ‘WHO’ will be marked as “”)b. all links sent to you via SMS, email, or Whatsappc. Before you give out your personal information, take a moment to think. If you feel that you have been scammed, please immediately report it to the appropriate authorities.
2. Allow employees to WFH, and allow them to connect using their personal devices, but only through a VPN client to the corporate network.
3. All employees should be aware of the WFH policies
4. WFH employees should have their endpoint attack vectors sealed