The COVID-19 outbreak has led to a number of people scared, shaken and hunting for the right kind of information to keep themselves safe. There are a number of service providers including Google and Microsoft working to ensure the right information is spread among the masses. However, with the rate at which information spreads today, it doesn't take long for you to receive an email that reads, “the vaccine for Coronavirus is finally here. Click here to know more.” In a state of panic to know whether the cure is real, you click on the link and without realizing it, you are subject to a phishing, malware or ransomware attack.
Rahul Tyagi, Co-founder, Lucideus says, “COVID-19 has had a significant impact on the geo-political, healthcare ecosystem and economic state across the world and as businesses grapple to stay afloat during this pandemic, we have witnessed a significant rise in cyber-attacks. Starting from phishing emails, to ransomware, to social engineering, hackers are targeting sectors like BFSI (Banking, Financial Services, and Insurance), healthcare and consumers to take advantage of a growing global healthcare concern.”
For those that don't know, phishing is defined as “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.” Put simply, if you click on an unknown link, or download an unofficial app, you could be handing a hacker the keys to your life.
According to Forbes, “Cybercriminals and nation state-sponsored spies didn't take long to catch onto the coronavirus panic. Research released Thursday shows crooks and snoops have been rapidly registering vast numbers of potentially-malicious websites and sending out masses of scam emails as they try to make money from the pandemic. A report from cybersecurity company Recorded Future noted a significant rise in website registrations related to the COVID-19 virus, some of which it believes are being used to either pilfer information from recipients or infect them with malware”. Forbes also has a list of domains that are potentially dangerous and you should check them out.
Rahul Tyagi, Co-founder, Lucideus tells us, “For example, a popular Johns Hopkins University website used to track the spread of the coronavirus that causes COVID-19 could be used by cybercriminals to spread malware, according to noted cybersecurity blogger Brian Krebs on Thursday. In a blog post, Krebs said the popular site "https://ift.tt/2v7syRL" has been targeted by malware dealers. ”
He goes on to say, “Similarly, our SAFE threat intel team has found a number of phishing emails claiming to be from the World Health Organization and other government agencies promising to provide healthcare support to cure Coronavirus. According to a cybersecurity firm, a wave of 2,500 infections of just two strains of malware were all delivered in COVID-19-themed emails recently. ”
So, if you see an email that claims to have the Coronavirus cure and you don't recognize the sender, we suggest you delete the email immediately.
Rahul Tyagi has shared steps one can take to protect themselves from such phishing emails and malware spreading. To begin with, be cautious when you see a suspicious sender address. Emails with generic greetings & signatures like "Dear valued Customer " or "Sir/Ma'am" can be avoided. Also, be on the lookout for poor grammar and misspellings. Completely avoid suspicious attachments from unknown senders.
Additionally, use two-factor authentication, VPN services and avoid sharing any sensitive information over email. Consumers should also be wary of an array of frauds happening on social media platforms and cautiously share and consume information.
Even if the sender looks to be an authentic source, you may want to double-check it before clicking on the link. According to a Kaspersky blog post, “The letters appear to come from the Centers for Disease Control and Prevention, which is a real organization in the United States, and they do recommend some actions regarding the coronavirus. The e-mails also come from a convincing domain, cdc-gov.org, whereas the CDC’s real domain is cdc.gov. A user not paying careful attention isn’t likely to notice the difference. The letters claim that the CDC has “established a management system to coordinate a domestic and international public health response” and urge recipients to open a page that allegedly contains information about new cases of infection around their city. The link appears to point to the legitimate CDC website: cdc.gov”. From this example, one must learn that when a phishing or malware mail is sent to you and the domain looks convincing, you should still check the source before clicking on the link.
There have been a lot of cybersecurity officials talking about hackers and cybercriminals looking to take advantage of the situation and India is no exception. Users need to be careful about the apps they download, links they click on and emails they open.
from Latest Technology News https://ift.tt/2Uq7j6m
No comments:
Post a Comment