Coronavirus (COVID-19) is a challenging and evolving global issue. Unfortunately, it’s also creating opportunities for cyber criminals. There has been a noticeable rise in coronavirus-related phishing attacks worldwide, including business email compromise, which is also correlated to the challenges of a shift to home-working.
Fraudsters are attempting to scam businesses by impersonating members of upper management, suppliers, partners or even members of the IT support team by email, phone or text. These scams can be financial, where the cyber criminal requests urgent payments, or to gain access to secure business networks and data.
All businesses need to ensure that employees are well aware of these attacks and mitigate for them in the following ways:
- Consider implementing additional payment verification processes
- Advise staff to phone the requesting party directly using a verified phone number
- Similarly, employees should check email addresses against company records for an exact match
- Staff should only use authorised channels to exchange sensitive business information
- Home-workers need to use a VPN to access business networks and follow all company security protocols
- Everyone should be vigilant for any payment requests that are unexpected or irregular
In addition, employees need to be aware of phishing attacks that target them personally. Cyber criminals are sending phishing emails posing as organizations such as banks, Government, the World Health Organization or other health service providers, and pretending to offer a safe haven for money or medical guidance. Their goal is to trick people into sharing personal, professional or financial information.
If you think your business has been targeted by a coronavirus scam, please report it to us immediately.
As always, prevention is the strongest course of action you can take. Know what you can do to protect your business from cybercrime and fraud. And keep yourself safe by following the latest guidance and precautions on coronavirus update.