The economic uncertainty caused by the coronavirus outbreak is amplifying the risk of cyber scams and attacks, and companies and individuals must be extra vigilant to the increasing online threats, ACE Insurance Brokers executive vice president, Gulf Simon Fisher has warned.
With countries implementing lockdowns, work from home initiatives, social distancing and other precautionary and preventative measures, governments and businesses are disseminating more information than ever before via digital platforms, a situation cyber criminals are exploiting.
While very few of these cyber attacks are technically sophisticated, cyber criminals are successful as they are capitalising on the state of concern across the globe, said Mr Fisher. The criminals use social engineering techniques, including ‘baiting’, whereby the attackers send out a false promise to pique a victim’s curiosity, and ‘scareware’, which sees users bombarded with false alarms, directing them to an action that leads to a malicious site and infects their computer. Other techniques include ‘pretexting’, ‘phishing’ and ‘spear phishing’.
He said, “As we are all spending more time online, that extra level of vigilance and care to where and what you are researching, sites you are visiting, links you are clicking, will go a long way to keep your data and your devices safe. We’ve seen recent examples of these crimes as airlines began to scale back flights to try and stop the spread of COVID-19. Scammers have been sending out phishing emails offering false refunds or rebooking of airfares.”
‘Impersonation’ attacks are also on the rise, said Mr Fisher. With people searching for up-to-date information on the virus, hackers ‘map’ authentic websites claiming to show trackers of the virus spread when they are, in fact, infecting users’ devices with malware. “These fake websites execute what we term ‘drive by’ attacks by hiding malicious code and downloads inside the pages that are executed as soon as it’s opened,” he said.
Malicious app developers have begun to take advantage of the situation and are using coronavirus-related keywords in their app names or descriptions to drop malware or commit theft of financial or personal data for a user’s smartphone.
Working from home is challenging on many fronts and organisations aren’t properly prepared, particularly when it comes to security, with their security tools not providing coverage outside their corporate facilities. While many are successfully retrofitting operations to support remote working, the human element must be addressed.
Mr Fisher explained, “Employees must be properly trained on the dos and don’ts of what to do while working remotely. One golden rule to follow though, is ‘think before you click’. We place great importance on our customer-centric approach and will be launching work from home awareness training for our clients.”