This blog on the importance of staying vigilant online is reposted with permission from the Global Cyber Alliance (GCA). GCA is an international, cross-sector effort dedicated to reducing cyber risk and improving our connected world and we are delighted to be able to work with them as one of our CTA partners. With disinformation and COVID-19 cyber threats still an imminent threat, we believe that working together with our members and partners to ensure a safer internet has never been more important.
Spidey sense: a vague but strong sense of something being wrong, dangerous, suspicious, or a security situation.
Due to the COVID-19 pandemic, most of the global workforce has been working from home. This is creating an enticing environment for hackers and scammers to leverage and exploit vulnerabilities and human weaknesses. Those bad actors are working at full steam. According to Scam Spotter, sponsored by the Cybercrime Support Network, a Cyber Threat Alliance (CTA) partner, scammers are estimated to steal over $2 billion this year.
The COVID-19 pandemic is an attractive target for scammers and spammers and our CTA members have been publishing research on various malicious campaigns associated with the pandemic. Bad actors are leveraging COVID-19-related phishing lures and text-based campaigns to lure victims. One thing is common throughout — these malicious campaigns play on people’s fears both around the virus itself and their financial insecurity due to the economic uncertainty. Hackers leverage fear and uncertainty to their advantage. It works. When you couple this disquietude with the exposure of people working from home using personal computers, without the level of sophisticated security software available to them in a corporate network, you are creating an appealing environment for bad actors to exploit.
In order to effectively protect yourself against this malicious activity, you have to be hyper alert, even suspicious, when reviewing emails and texts. Have that ‘spidey sense’ that something might not be legitimate. The tactics and techniques the bad actors use today are good. They know what is compelling so that people open the email, the attachment, or click on the link. The phishing lures and text messages are specifically designed to fool you. They are also geared for wide distribution to allow for successful exploitation, so you might get various plays on the same themes. Many will fall victim to these malicious campaigns as they don’t sense something isn’t right, or they want to believe the message to be legitimate.
Be wary of any pandemic-related messages, whether coming via email or SMS messaging. To better help you educate yourself on some of the tactics and techniques that bad actors are leveraging, you can read how some of our CTA members have described this activity in more detail on this resource site. We have also compiled a list of working from home tips and resources from many of our members here. You must provide the same high level of scrutiny to any email, text, or website that you would have before the pandemic started.
The best advice we can give you in this circumstance is to be leery of any email or text message related to the virus or to today’s economic uncertainty. Get your ‘spidey sense’ on and be suspicious and be cautious; you won’t be disappointed.
Author: Jeannette Jarvis
Nonprofit Cyber Celebrates Its First Anniversary with Six New Members
BBB Institute for Marketplace Trust, Black Girls Hack, Building Cyber Security, Internet Safety Lab, the Global Anti Scam Alliance, and the Maritime Safety and Security Alliance have joined the coalition, adding to its diversity, equity and [...]
Collaboration is Key to Better Threat Intelligence
By Victor Acin (Blueliv Labs Manager) Where do you get your cybersecurity news from? If you are a cybersecurity vendor, your news feed is a great way to find outdated threat information, after an attack has already happened. But, if your mission is to defend the digital ecosystem, critical infrastructure, as well as [...]