Beware of online coronavirus scams

Hackers have increased their activity during the current pandemic crisis. It’s more important than ever for you to be extremely cautious online.

With the massive number of people working from home, hackers feel they have an opportunity to exploit the pandemic for illegal profit. The level of hacking activity has definitely risen in recent months and everyone needs to be extremely cautious, especially with links and attachments in email messages as well as messages on social media platform and even your smartphone.

There have been reports of smartphone users receiving text messages related to federal stimulus payments and COVID-19 alerts for their area. These are mostly fake messages, generated by hackers trying to get you to click on links and reveal personal information on compromised web sites in an effort to steal your identity or worse. With so many people spending significantly more time online, the target environment is quite rich for these bad actors.

Over the past couple of months there has been a surge in domain names being registered on the Internet related to COVID-19, Coronavirus and just about every related term you can think of. These domains are being used to trick users into providing information that will allow hackers to assume identities or commit outright theft. It is more important than ever that you inspect every email with a link or attachment very carefully.

One of the first scams to emerge was an email that purported to come from the WHO and contained an attachment with information to keep you safe during the pandemic. That attachment was fake and launched software code that installed malware on the recipient’s computer that could track them and steal credentials when the unsuspecting user logged in to their bank or other websites. These are common hacking tactics that you need to remain aware of.

You should always be suspect of any email that you receive with links or attachments. You should verify the sender to be sure they are who they say that are and when in doubt, delete the message without clicking the link or opening the attachment. That is always best.

With the spike in literally thousands of domain names being registered to exploit this crisis, give serious consideration to using a DNS filtering service. The government of Canada recently announced it will be making a free DNS filtering service available to all Canadian citizens in an effort to thwart these fake domains. These domains are being setup for unsuspecting users to land on and think they are legitimate web sites. Their goal, like all of these scams, is to capture credentials, solicit payments or silently install malware on the visiting user’s computer.

The amount of scams is growing so fast that there are nearly daily alerts from the FBI and FTC being issued to warn consumers of the threat. Don’t become an unknowing victim. Be sure you have up to date security software on your computers. Be sure to keep your computers and software updated with the latest versions to be sure any security issues are properly patched. Check to see if your Internet provider of your router provide any type of DNS filtering and if so, enable it. If they don’t, consider using a good DNS filtering service like Cisco Umbrella, Safe DNS, Sophos or others. You can’t be too careful, especially during this pandemic.

Hot this week

The Myth of Perfect Security

Perfect security is a myth, and focusing on resilience rather than prevention can better protect your organization from inevitable breaches.

Why Traditional Passwords Are Failing Us

Password fatigue from complex rules often causes more security breaches than weak passwords, requiring a shift toward user-friendly tools and behaviors.

Why Your Employees Are Your Best Security Defense

Empowering employees with security awareness training often provides better protection than stacking more technology, turning human factors from a weakness into your strongest defense.

Why Most Security Awareness Training Fails and What to Do About It

Security awareness training often fails because it focuses on knowledge rather than behavior, but shifting to a behavior-based approach can lead to better outcomes and fewer incidents.

The Myth of Multifactor Authentication Security

Multifactor authentication enhances security but is not foolproof, as it can be bypassed through social engineering and technical exploits. Understanding its limitations and adopting stronger methods is essential for effective protection.

Topics

The Myth of Perfect Security

Perfect security is a myth, and focusing on resilience rather than prevention can better protect your organization from inevitable breaches.

Why Traditional Passwords Are Failing Us

Password fatigue from complex rules often causes more security breaches than weak passwords, requiring a shift toward user-friendly tools and behaviors.

Why Your Employees Are Your Best Security Defense

Empowering employees with security awareness training often provides better protection than stacking more technology, turning human factors from a weakness into your strongest defense.

Why Most Security Awareness Training Fails and What to Do About It

Security awareness training often fails because it focuses on knowledge rather than behavior, but shifting to a behavior-based approach can lead to better outcomes and fewer incidents.

The Myth of Multifactor Authentication Security

Multifactor authentication enhances security but is not foolproof, as it can be bypassed through social engineering and technical exploits. Understanding its limitations and adopting stronger methods is essential for effective protection.

Why MFA Is Not Enough Anymore

Multi-factor authentication is no longer a silver bullet for security as attackers develop new bypass methods, requiring a layered defense approach with phishing-resistant tools and continuous monitoring.

Why Phishing Still Works and What to Do About It

Phishing remains a top threat because it exploits human psychology, not just technical gaps. Shifting focus to employee awareness and habits can build stronger defenses than relying solely on technology.

Rethinking Password Security

Complex password rules often increase risk by encouraging poor habits. Learn how password managers and multi-factor authentication offer more practical protection for organizations of all sizes.
spot_img

Related Articles

Popular Categories