Cybercriminals are taking advantage of the vulnerabilities introduced by organizations forced to rapidly move employees to a virtual workforce model and the resulting greater reliance on the internet.
Google reports the number of active phishing websites has increased from 149,195 in January to 522,495 in March. That’s an increase of 350 percent since the beginning of the year!
Cybercriminals are nothing if not resourceful, and many are jumping on the bandwagon. Why bother going to the trouble of attacking a network when an employee or executive will open the door for you by simply clicking a link in an email that takes them to one of these 522,495 nefarious websites?
In fact, email has become the most popular way for
cybercriminals to attack businesses and private individuals through a technique
Phishing is an attack that uses email or a social media
platform to trick the user into opening a link or an attachment. It can also be
used to fool them into entering passwords or personal information on a fake
website designed to look legitimate.
Avertium recently published an article giving examples of some COVID-19 phishing scams to watch for that feature bogus offers for vaccines, free tests and the like.
Phishing scams extend beyond the COVID-19 theme under the guise of various circumstances to prey on people distracted and stressed by the current situation.
For instance, you might get an email that appears to be from your bank, stating that your account has been compromised or suspended. The link might lead to a fake login screen, using the bank logo, where you enter your credentials and password. This instantly provides thieves access to your real bank account.
In most cases, just reading an email or message won’t hurt
you. For a phishing attack to work, you must be tricked into performing an
action. Therefore, it’s important to watch for the signs that a message is an
attempt at phishing.
Here are the most common indicators:
Related reading: Remote Workforce Security: 4 Best Practices
Moving your workforce to a virtual office model is essential during the pandemic. It’s more important than ever to stay vigilant and watch for nefarious activity. To protect your employees and your organization from the increased phishing scams during COVID-19 and beyond, do the following:
Related Reading: CISO Advice: Operating to a Cybersecurity Gold Standard During Crisis and Beyond
Never be a soft target. Show those cybercriminals who’s boss by downloading our incident response (IR) ebook. Show No Weakness.