Security Alert: Increased Phishing Attacks Related to COVID-19

Our IT company, Convergence Networks, sent the below information to all of their clients regarding increased security risks due to COVID-19. They were generous to let us share this with all of you – per Convergence Networks, we’re all in this together.

We know each and every one of you likely has lots on your mind with everything that’s going on related to the Coronavirus (Covid-19) in your area, across the country, and around the world.  And we don’t want to unnecessarily add to that list.  That said, we do want to make sure we’ve done all we can to ensure our clients are able to continue working and living in a manner that is safe and secure.  Toward that end, it seems appropriate to send out a message on security.  As with any crisis, there are already cases observed where bad actors are using the crisis to their own advantage.  That means more phishing, scams, and attacks.  You’ll likely see them in your e-mail, perhaps over the phone, and even in text and messaging apps.  Take any unsolicited messages with a hefty dose of suspicion, especially when there’s a call to action, whether clicking a link, calling a phone number, or checking out a map that tracks the COVID-19 infections.  We’ve already seen maps published with malware, bogus sites allegedly dedicated to Coronavirus updates, and of course, the inevitable scans looking to raise money for the victims.

To keep it simple here’s a few easy steps you can take:

  • If you get an alert or message regarding COVID-19, regardless of its delivery mechanism, don’t trust the content.
  • Instead look up the page online and get contact information there.  You can then contact whomever you need to reach using that information instead of trusting to a message or note you received.
  • Scrutinize communications from folks you know and trust as it’s entirely possible an attacker could be spoofing your valid contact, or the attacker may have even compromised your contact’s account.  Be vigilant and look for behaviors that do not fit the norm.
  • And given all the disruptions related to working remotely from home, pay special attention to any communication that’s related to remote work and apply the steps above.  Remember remote access could give an attacker access to your network.
  • Finally, if you’re wavering on the fence about Multi-Factor Authentication (MFA), take the leap.  MFA could be the last best thing to protect your remote workforce and your entire business.

If you have questions or concerns, please let us know.  Be safe!

Leave a Comment

Your email address will not be published. Required fields are marked *

Notify me of followup comments via e-mail.