It’s new, difficult to investigate, spreads like wildfire, persistent and harmful, and can cause dangerous collateral damage. Sound familiar? Yes, it’s the coronavirus. In fact, it’s both of them: the biological virus and the computer virus. As if the original virus that was first detected in China has not caused enough disruption, fear, and panic, we now have to contend with a coronavirus that infects our computers. Hackers are exploiting the public fear and hysteria surrounding the virus to launch Corona-themed cyber-attacks that steal sensitive information and spread malware.
Anyone and any organization is fair game
The attacks usually arrive in the form of an email that looks like the sender is a trusted, official source such as the Centers for Disease Control (CDC) or the World Health Organization. The subject lines have a message that claims the email has advice on how you can protect yourself from the virus, or offers the latest virus updates or even a Coronavirus map, which is supposed to track the spread of the outbreak. A Reason Labs researcher, for example, found and analyzed malware that sends infected coronavirus map applications in order to steal sensitive information such as usernames, passwords, and credit cards.
And these attacks are directed at both individuals and businesses. According to wsj.com, companies have received emails that look like the company’s purchase order for face masks and other supplies in order to trick employees into wiring payments to a fraudulent account. Other emails are designed to look like health warnings from official organizations and contain malicious attachments. Small businesses tend to be at greater risk than larger enterprises simply because they usually don’t have the resources to defend themselves or labor under the false assumption that hackers aren’t interested in their data. However, the reality is that 43% of all cyber-attacks are aimed at small businesses.
So how do small businesses avoid these attacks?
First, know that the fear-factor acts as bait for people that are hungry for information about the virus, so caution your employees not to take the bait. They should pay careful attention to who the email senders are as well as what the emails are asking them to do. For example, employees should check a sender’s email address for authenticity before opening the email. Some phishing emails that claim to come from the CDC have a cdc-gov.org address extension, which is fraudulent, instead of the correct cdc.gov extension. Employees should also avoid emails that ask them to share sensitive data such as account passwords or bank information. Additionally, they should be wary of suspicious or weird attachments, and they should just ignore special offers regarding coronavirus products and safety tips. Business owners must also make sure that their business has an up-to-date and powerful endpoint antivirus so that all of their business’ computers are protected against cyber-attacks.
Hackers follow trends
Hackers follow trends in order to exploit the public interest in them, and right now the coronavirus is heavily trending in the press. And as the real coronavirus continues to loom overhead, hackers continue to exploit it in order to spread malware. However, while the biological virus is scary for everyone, at least in the digital world, we can stay safe simply by complying with basic cybersecurity measures.