How to Protect Your End User Devices from COVID-19 Phishing Attacks

With more employees working from home due to the COVID-19 crisis, companies are finding it increasingly difficult to ensure their networks are secure. Since the start of the pandemic, phishing and SMS phishing attacks have increased over 600% as cybercriminals are exploiting public fears to target individuals. Now, with the release of government stimulus checks, the attacks will likely increase over the next weeks and months. Be wary of emails that include the following in subject lines or information:

 
• Coronavirus or COVID-19
 
• Unsolicited stimulus check status or registration
 
• Messages offering something in short supply, or premium services for free (e.g., Free Netflix Premium Service)
 
• Offers for cures or vaccines for COVID-19
 
• Being told there is a limited time to respond (e.g., in 24 hours or immediately)
 
• Any message written to create panic, fear, hope, or pique curiosity (e.g., Hospital notification of close contact with a patient diagnosed with COVID-19)
 
• Any sender claiming to be someone official (e.g., bank, doctor, lawyer, government agency; IRS, WHO)

In a time where cybercriminals are united, focused and motivated in exploiting the fear and uncertainty surrounding the pandemic, it is important to remain calm and skeptical when receiving unsolicited email or text messages. Review unsolicited messages for the following:

 
• How would the sender have this specific contact information?
 
• Research reputable online resources for any unsolicited offers that seem too good to be true
 
• No government agency or corporate entity will ask for credentials or personal information via email or text

GuideIT Managed Security Services has solutions designed to help your company combat phishing and SMS phishing attacks. Remain vigilant, aware and be safe. You can find more information about GuideIT's solution to test and address vulnerabilities here: https://www.guideit.com/cyber-assurance/