In the midst of the Coronavirus pandemic, cybercriminals have taken heed of the opportunity to exploit the global health crisis for profit and fraud. Among the new collection of virus-themed scams are phishing campaigns, social engineering attacks, charity-focused emails and more.
As more businesses seek out emerging news regarding the grave situation and exercise remote work procedures to mitigate the spread of Coronavirus Disease 2019 (COVID-19), Align encourages them to practice vigilance with regard to suspicious emails and cyber activity.
In today's blog, we're proffering readers a look into the most malicious and sophisticated scams we're witnessing from the front lines, including the following campaigns listed below:
Do you want access to the secrets for surviving a pandemic?
Criminals are luring in victims with missives such as the above example, dangling the opportunity to access secret knowledge for ensuring survival during the outbreak of COVID-19. A key element to these sales pitches is that recipients must perform an action, such as purchasing a book or watching a video. Fraudsters leverage the former device as a means to empty your wallet and steal your credit card details. Sensitive banking information is then recycled future-forward to make fraudulent purchases on your behalf, risking draining your personal or corporate assets.
Other malevolent social engineering attacks send persuasive emails that contain a hyperlink to an article on new developments regarding COVID-19. Upon clicking the article's link, recipients are directed to a fake website or login page where they can enter a username and password. Unbeknownst to the victim, they have immersed themselves in a phishing scam, during which bad actors aim to uncover your account credentials.
Firms should be wary of charity-focused emails that are impersonating reputable organizations such as UNICEF, Centers for Disease Control & Prevention (CDC) and GlobalGiving. In this scenario, criminals are preying on people's empathy, suggesting that your charitable donation can help expedite the design of vaccines and support emergency response efforts. While some of these manipulative messages request payments in Bitcoin cryptocurrency, others even contain a QR code to simplify the process of stealing your money.
An entirely new collection of virus-themed emails has surfaced, and they are targeting hedge funds and the broader investment community. Many of these communications exploit fear while promoting their products and solutions.
For example, malicious actors may target survivalists and anxious users to offer discounts or access to hand sanitizer, face masks and other resources growing scarce during a health crisis. These communications heighten paranoia in an attempt to evoke action and access your business' mission-critical network.
Speaking of critical systems and networks, let's switch gears to discuss work from home (WFH) and the sound measures businesses can employ to operate securely and smoothly.
Empowering employees to work remotely or work from anywhere (WFA) with access to critical infrastructure has numerous benefits for businesses. To name a few:
The industry has seen tectonic shifts in IT infrastructure innovation over the past few years. Primarily due to the explosive growth and sophistication of the public cloud, which has crossed the tipping point and is now largely considered the optimal construct upon which contemporary IT networks are built, expectations have changed.
If you are operating in an inferior legacy environment, you undoubtedly lack the typical controls and functionality of a modern IT infrastructure. Furthermore, your firm is a step behind in safeguarding sensitive business assets and preventing data exfiltration and other cybersecurity risks.
If you're seeking information on remote work solutions that offers access to 24x7x365 support, we recommend reaching out to one of our Managed IT experts. Contact us today by clicking here.
We urge organizations to employ cybersecurity best practices and proceed with the utmost caution in today's turbulent cyber climate. We anticipate these scams will increase in frequency and sophistication rapidly, so long as hackers can profit.
To help safeguard your corporate assets and prevent your investment firm from falling victim to cybercrime, we offer the following guidelines and resources:
If so, we advise you to contact the Align Cybersecurity team at help@align.com or via phone at +1 855-IT-ALIGN (1-855-482-5446).