A leading cyber-security company has issued a warning to the public that cyber-criminals are using fears over the coronavirus as a new way to target people online, and those working from home are particularly vulnerable.
Matt Horan, security director for C3IA Solutions, has identified a number of domain names recently registered featuring ‘Coronavirus’ and ‘COVID-19’, and he warns that many of them are likely to have been set up to take advantage of the current climate of fear of the spread of the infection.
The Problem
“Phishing emails are landing in people’s inboxes and it can be very tempting to click on them if you think it contains important information about the coronavirus,” he said. “They can be cleverly worded and can look official, but clicking on one of these emails can infect a computer, leading to the loss of important and sensitive data. Some emails are designed to take money by offering products that don’t exist.
“We urge employers to communicate the risks to their workers and for everyone working at home to exercise extra caution. While those were already set up to work from home will be as secure as they are in the office, many now working from home will not be.”
The Solution
The guidance for avoiding being caught in any cyber-criminal’s trap is simple: don’t open any attachments you receive by email without first verifying the source. If it appears to contain sensitive health-related information for you specifically, Matt recommends you “visit your medical provider’s patient portal directly, or make an appointment to directly confirm any medical diagnosis or test results.”
If you’re still concerned about the risk, Matt suggests implementing some of the best-practice defence configurations, “such as the Government’s Cyber Essentials schemes”, which is recommended by the Financial Conduct Authority, can be accessed remotely, and can protect against the majority of cyber-attacks.
For more information, visit the Cyber Essentials website. You can find out more about C3IA Solutions here.