As with any disaster, there are always people who want to take advantage of disruption, confusion, and concern. The global COVID-19 crisis is no different. Bad actors and cybercriminals were always likely to try to exploit this pandemic, especially as the increase in remote working has left many organizations with new vulnerabilities in their systems.
In the first quarter of 2020, phishing attacks related to COVID-19 increased by 600%, according to KnowBe4, a security awareness and simulated phishing platform. The second most popular and most clicked email message of the whole quarter was a fake email alert claiming to come from the Centre for Disease Control (CDC) warning about COVID-19 cases.
During these confusing times, it is vital to be vigilant about your online security and behaviors. Cyberattacks taking advantage of the situation, however, are not always going to be obvious or even directly related to COVID-19. As organizations pivot to remote working and people across the world adapt to working from home, many for the first time, there are a number of ways that cybercriminals are targeting vulnerabilities.
Some of the most common attacks this quarter are related to home working or new technology. Phishing subject lines are targeting rescheduled meetings, SharePoint, COVID-19-related disaster recovery strategies, and messages about working from home. Similarly, messages related to remote working tools like Microsoft Teams, Zoom, and VPN connections have become significantly more common.
With these subjects, malicious actors are preying on the heightened stress and distraction of the situation, and on people who are adapting to new ways of working while much of their work feels urgent. During these periods, people tend to react instinctively before thinking logically about the security or legitimacy of an email.
At VC3, we’ve previously explored the dangers of email phishing and the importance of being constantly vigilant when it comes to potential attacks. Now more than ever, remaining alert to potential threats and always being cautious of clicking links in emails is vital. Any email from someone you don’t know or an unfamiliar address should be treated with caution and double-checked for potential threats. But it’s important to be thoughtful even when an email comes in from a trusted source, as phishing attacks can be incredibly subtle.
Always check links, and be suspicious of shortened URLs like ow.ly and bit.ly. If an email reads oddly or doesn’t scan, then double-check it. Remember that reputable companies are highly unlikely to ask you to click a link or enter your personal details. If you are being asked to do something unusual, even at this unusual time, then just take a moment to think about whether the ask is sensible and trustworthy. When it comes to internal contacts, it never hurts to pick up the phone or send a message to check that an email really is all that it seems.
The key takeaway from the data on phishing attacks in the first quarter of 2020 is that cybercriminals and bad actors are adapting extremely fast to the new situations that organizations and employees find themselves in. An extra-cautious approach to cybersecurity is going to be required for the foreseeable future.