COVID-19 is not the only virus associated with the global outbreak. As predictably as night follows day, cybercriminals have been using the epidemic as a means to spread their malicious payloads. Companies should include information about cyber hygiene along with the CDC recommendations of hand washing, particularly given the potential for increased remote access to corporate IT systems.
Warnings have been sent regarding phishing emails mentioning the coronavirus or COVID-19 outbreak purporting to be originating with business partners or public health institutions. In the search for more information regarding the outbreak, people are more likely to open and read seemingly “official” emails, which can lead to malware infections. Other activity that has been reported are fraudulent or spoofed purchase orders for hand sanitizer that can lead to payments or other protective equipment that can result in wire transfers to fraudulent accounts and phishing emails appearing to be related to remote work or emergency planning that collect employee user names and passwords.
Our takeaways:
-
Use this opportunity to reinforce phishing training and consider tightening company defenses, including increasing the sensitivity of spam filters or tuning phishing filters.
-
Ensure that remote workers are aware of the need for secure access to the corporate network and provide VPN or other secure means for people to access remotely. Remember, “reasonable security” is still the rule of the day.
-
In addition to providing health-related information, remind employees about the possibility of malicious emails and exploits that will try to take advantage of the outbreak and associated concerns: If an invoice with wire instructions doesn’t seem right, it probably is not. If you receive a request for user name and password, call IT and ask. Stay healthy and keep your cybersecurity healthy as well.
Ransomware and malware attackers don’t observe quarantines.