During events such as the COVID-19, or Coronavirus, pandemic, there is often an increase of criminal activity online. Preying on fear and panic, cyber criminals are now sending various scams related to COVID-19 and taking advantage of increasing vulnerabilities resulting from unusual working situations. It is critical that you and your institution’s employees exercise caution during this time.
Coronavirus Cybersecurity Threats
Fraudsters are using a variety of tactics in efforts to scam businesses and individuals, and your institution must maintain a heightened sense of awareness. Malicious websites are being registered by fraudsters at breakneck speed, many including the word “corona,” and these are used to distribute malware to the devices of unsuspecting visitors. Scammers are using spam emails containing conspiracy language or offering the opportunity to purchase high-demand goods, including masks, cleaning supplies, etc.
Additionally, cyber criminals are sending phishing emails that appear to come from familiar organizations but contain malicious phishing links or dangerous attachments. Be especially wary of emails claiming to have “new” or “updated” lists of COVID-19 cases in your area, as these emails can contain dangerous links. The attachments to these emails often include malware that, when installed, allow the attacker to install additional malware on the compromised machine, including ransomware, keyloggers and credential stealing malware.
These spam and phishing schemes are particularly effective right now, as we are craving the latest information on Coronavirus. Criminals take advantage of psychological principles, especially in times like this, to coerce us to do things we might not do in normal circumstances.
Increase Caution While Working from Home
Business email compromise is still a high risk, and criminals are looking for every opportunity to further legitimize their presence in organizations. During any disaster, criminals well know that normal operating procedures are not in place, and this pandemic has exacerbated that fact with the number of people working from home. Employees may be susceptible to more fraud with these emergency procedures in place.
With many employees working from home, normal software and operating system update procedures may not work as planned. Cyber criminals are keenly aware of this vulnerability, and they are prepared to take advantage of any security weakness that becomes available.
Ensuring your institution has secure internet and virtual private network (VPN) access is crucial, especially when employees are working remotely. While malware updates should continue as normal when employees are working from home, Internet filters and security devices may not offer the same security when employees aren’t utilizing VPN.
For protection against these cybersecurity threats, financial institutions should identify network vulnerabilities using penetration testing tools. By testing your security infrastructure against real-world tactics used by cyber criminals to exploit your network, your organization can strengthen its security and compliance.
How to Protect Your Institution
You must continue to exercise caution throughout this developing situation. Stress and unusual circumstances can cause us to be more susceptible to social engineering. Protect yourself and your institution’s employees with frequent reminders, including the following:
- Never click on links or open attachments from an email you weren’t expecting.
- If you receive a suspicious email that appears to come from an official organization, such as the FDIC or FTC, report the email to your security team to double check.
- If you want to make a charitable donation, go directly to the charity’s website to submit your payment. Type the charity’s web address into your browser instead of clicking on links in emails or other messages.
In addition to reminding your employees to exercise increased caution, protect your institution further by:
- Reiterating acceptable use policies, and possibly utilizing local agents on machines to enforce web and content filtering.
- Increasing diligence to ensure all security updates are applied.
- Ensuring any tools used for remote access, including VPN, are updated every time security updates are available.
As we continue adapting to the Coronavirus situation, financial institutions and their employees must remain vigilant against cybersecurity threats. Contact CSIfor more information about how we can help keep your organization one step ahead.
Steve Sanders is vice president of Internal Audit for CSI. In his role, he oversees the evaluation and mitigation of risks associated with IT, financial and operational systems. Steve is a CISA, CRISC, CRMA, and CTGA, and he speaks regularly on information security, cybersecurity, IT and IT audit topics.