Avoiding COVID-19 Cyberattacks with Security Best-Practices

Most of us that work in Tech are familiar with security best-practices, but for many people, including your customers, being thrust into working remotely and conducting more daily activity online can bring with it security risks. Now is a great time to support your customers with tips on how to stay secure online and avoid COVID-related cyberattacks.

We’ve partnered with one of our trusted Security providers, Digicert, to provide you content that can be easily recycled and shared with your customers.

Staying safe online, during COVID-19 and beyond

The ugly reality is that cybercriminals will exploit any vulnerability they can find. During the COVID-19 pandemic, many people are increasingly active on social media, email, apps and SMS (texting) as we look to stay connected with one another and alert to new information. Some malicious parties are taking advantage of this by using these technologies as a means to distribute malware. Often, these scams involve fraudsters impersonating healthcare officials or organizations.

What can you do to stay safe?

1. Be suspicious of emails and messages about COVID-19 by:

  1. Inspecting the subject line and sender. If you don’t know the sender, or the subject line seems odd, don’t open the message and most importantly, do not click on any links.
  2. Subject lines about a cure or vaccine for COVID-19 are most definitely scams. Don’t open the message.

2. Look for common signs of fraudulent emails. These include:

    1. Poor grammar or spelling
    2. Poor design
    3. Unreliable contact information
    4. No Terms and Conditions provided
    5. Deals that seem too good to be true
    6. Suspicious forms of payment (like sending money to a random PayPal account or paying with cryptocurrency)

3. Don’t download unknown email attachments

For example, the map below — made to look similar to a legitimate map created by Johns Hopkins University — was circulated by scammers via email. The map often included links to malicious sites disguised as official communication.

 

4. Get familiar with known scams related to COVID-19

The Canadian Anti-Fraud centre is keeping an up-to-date list of known scams, and we encourage you to check for similar resources being provided by your local government.

5. Keep your browser up-to-date and watch for security indicators

One easy way to protect yourself is to ensure you’re using the latest available version of your browser. We also recommend checking that the websites you are browsing are encrypted with SSL.

Digicert has a great guide on how to identify authorized sites. This is particularly important if you are providing any kind of personal information or making a financial transaction.

6. Always check for additional trust indicators

Asking yourself a few of the following questions can help you better determine whether a website is trustworthy:

  • Do they have Terms and Conditions or a return policy listed?
  • Do they have a secure site seal?
  • Are there grammar and spelling mistakes?
  • Do they have reviews?
  • Do they have a social media following?
  • Is there contact information listed in case you need to get in touch with the company about your order?
  • If you arrive at a website via a link contained in an email, take extra care sure to make sure the site you’re on is the company’s official website – not an imposter.

 

Questions like these do not guarantee that a site isn’t a scam, but they are helpful guides in determining whether or not you should trust a site.

The reality is, it’s impossible to completely safeguard against online threats. But just like handwashing and social distancing offer a basic line of defence against COVID-19, the best-practices outlined above will help protect you and minimize risk online during these challenging times.