INSURANCE NERDS
BLOG
New Cyber Risks Emerge During COVID-19
Cyber hackers take advantage of the pandemic to attack companies and individuals through their digital platforms.
Whatever your industry may be, if you and your employees are now continuing your business’ operations remotely, be aware of the common cyber-attacks currently being exploited, making Cyber Risk Insurance more important than ever before.
Cybercriminals and hacking groups are exploiting disruption and public fear caused by the current world emergency through a range of phishing/vishing/smishing schemes and malware attacks (e.g. ransomware) which are likely to proliferate as the outbreak intensifies. An explanation of each is listed below:
- Phishing attacks can take many forms, but they all share a common goal – getting you to share sensitive information such as login credentials, credit card information, or bank account details.
- Voice phishing or vishing is a type of phishing attack that is conducted by phone and often targets users of Voice over IP (VoIP) services like Skype to gain access to private personal and financial information for the purpose of financial reward.
- Smishing (SMS phishing) is a type of phishing attack conducted using SMS (Short Message Services) on cell phones. Just like email phishing scams, smishing messages typically include a threat or enticement to click a link or call a number and hand over sensitive information. Sometimes they might suggest you install some security software, which turns out to be malware.
- Ransomware is increasingly being used by hackers to extort money from companies. Ransomware is a type of malicious software that takes over your computer and prevents you from accessing files until you pay a ransom. The most common way ransomware enters corporate networks is through email. Often, cybercriminals will include malicious links or attachments in emails that look harmless.
Experts from the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), warns individuals to remain vigilant for scams related to COVID-19. Cybercriminals may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
Examples so far include cyber scams by groups impersonating the World Health Organization (WHO) and the US Center for Disease Control (CDC), fraudulent websites advertising antiviral equipment which turns out to be fake, cybercriminals tricking users into stalling malicious COVID-19 related apps resulting in locked devices and requesting ransom payment, and attackers seeking bitcoin funding which they claim is for vaccine research.