There is an enormous amount of confusion at the moment. Fear, Uncertainty, Doubt. Not to mention Disinformation, Rumour, Conspiracies. All this is encouraging cybercriminals to try and get computer users to give away information. Phishing, of course. With large numbers of people working from home, there are plenty of distractions, and it only takes a moment of inattention to click on something which under normal circumstances, you never would. Anything with Coronavirus or Covid in the subject – be VERY wary, of course.
Cybercriminals are capitalising on Coronavirus COVID 19 to send fake email and SMS phishing attacks that could infect computers or lead to the theft of logins and personal information.
Also, requests to change payment arrangements. (Your supplier REALLY changed bank ? Sure picked a funny time, right ?) Give details of your bank account so the government can place grant funding directly. The social security department has automated its payment system due to the pandemic, what is your account number ?
Credit: Australian Cyber Security Centre
If you get an email, supposedly from someone you know, or an existing customer or supplier, verify that this has truly come from them. DON’T reply to the email ! Verify by phone, or by emailing to your normal contact from a different computer, or by asking a colleague to do it.
An email that evokes fear, urgency, self-preservation – BE SUSPICIOUS.
Here are some suggestions to escalate your security savviness:
• Think before you click. Never open an attachment or click on a link from senders you don’t recognize. Even if you think you know the sender, if it seems odd they’d send you information like this, contact them (in another way) to confirm it’s the real deal (take note of new Facebook Messenger scams that look like they’re from friends).
• Verify the source. If you get an email, text or phone call that asks you to urgently confirm your personal or financial information, it’s fake. HMRC or your bank will never ask for sensitive information in this way. When in doubt, call the organization to ask if it was them (chances are, it won’t be). Forward all suspicious emails directly to https://www.actionfraud.police.uk/ or call 0300 123 2040
• Watch out for others. Warn your loved ones – especially those less tech-savvy or the elderly – about the increased likelihood of scammers trying to defraud through email, text message, social media or even a phone call.
• Practice password safety. Create long and complicated passwords (or passphrases), don’t use the same ones for all your online activity and change them every month or two. There are password managers that we can help with.
• Play defense. Install good cybersecurity software on all your devices and ensure you set to auto-update, in order to protect you from the latest malware and other threats. Free cybersecurity software is better than none at all, but it’s prudent to invest in a reputable and comprehensive paid version of anti-malware software.
Report anything you think might be a phishing attack, to your boss, the IT department, the usual channels. If you don’t have any usual channels, then you need to get some – call us !
ABCOM – 01444 871200