tarsus.today
How to avoid cyberattacks inspired by the pandemic How to avoid cyberattacks inspired by the pandemic
Cybercriminals ramp up their efforts as more people work from home. How to avoid cyberattacks inspired by the pandemic

Allowing employees to work from home has solved many challenges arising from the COVID-19 pandemic and the national lockdown.

But it has also created new opportunities for cybercriminals, who are using the situation to launch more online attacks.

Here are some examples of how they are doing this, along with advice on how not to be fooled.

Home network security during COVID-19

Working from home relies on employees connecting to work resources using their personal internet connections. These connections are often less secure than corporate networks, and hackers use them as entry-points into those networks.

This resulted in a huge spike in attacks in South Africa in early April. Security company Kaspersky reported 310,000 attacks in the country on the 18th of March this year. This is up from a much lower average of 45,000 attacks in a day a year previously.

A common tactic is to send out spam emails that use current events, like the pandemic, in their subject lines. These emails appeal to the reader’s legitimate concerns, and raise the chances of malicious links being clicked by lowering the reader’s guard.

Stand and deliver

Another method being employed lately is to use delivery services to fool people into opening emails/attachments/clicking links. As the COVID-19 pandemic rages, people have turned to home delivery services for their medication, grocery deliveries, and other essential goods.

And because they regularly receive communications about deliveries, people are less likely to double-check every message before taking action. This is what cybercriminals are counting on.

This is how that works:

Kaspersky says cybercriminals send emails that claim to be from a familiar delivery service, saying that they were unable to deliver a package. They then request the recipient opens an attached waybill containing delivery information to confirm the address is correct. That attachment is where the malware resides.

When these malicious links and attachments are clicked, they create backdoors that allow hackers to take over those PCs. They can also steal user credentials that allow criminals to access corporate resources.

How to protect yourself

There are several things you can do to protect against this.

First, secure your home router. If you aren’t comfortable doing it, ask for help from friends or professionals. They can activate its security features and ensure the router has the most up to date firmware installed.

Firmware is the software developed by the router’s manufacturer. Updates often close security holes, so having the latest version is important.

Second, don’t open emails about the pandemic unless you know exactly who they are from. Simply delete them and move on. If an email hits your inbox that looks controversial or inflammatory (or both!), definitely steer clear. Also double and triple-check any communications that claim to be from a delivery service before opening anything they send you.

Third, ensure your antivirus software is up to date. If you don’t have any, activate Windows Defender; it comes free with Windows 10 and is very effective. Windows Defender can flag up malware and offers decent protection against most attacks.

Fourth, ask your work to set up a VPN (virtual private network) that you can use from home to beef up the security of your connection to work resources.

Be safe during COVID-19

Follow these tips, and avoid becoming a cyberattack statistic while also keeping your and your company’s data safe during the COVID-19 pandemic.

[Image by Pete Linforth from Pixabay]

Leave a Reply