Risks of malicious cyber security threats always exist when using the web, and whilst there are ways to reduce the possibility of threats, hackers are always finding new and inventive ways to exploit you. Lately attackers have taken to abusing the Coronavirus Pandemic with 28% of cases from last September reported to the National Cyber Security Center (NCSC) being related to it.
The NCSC also reported there were an extremely high number of thwarted campaigns, around the fifteen thousand mark, that were using COVID-19 to bait users into clicking links or opening attachments containing malicious software. On top of this it was reported that back in April, Gmail was blocking more than 18 million phishing emails daily that are related to COVID-19, where the attackers were attempting to trick online users with fake emails promoting sales on PPE equipment and home testing kits as well as offering fraudulent badges for key workers claiming entitlements to supermarket discounts.
A more serious covid-related cyber threat came in July, when Russian hacking group “Cozy Bear” targeted the UK organisation involved in developing a vaccine for the virus.
How to spot COVID phishing emails?
Covid-related phishing emails can take different forms; so far these are ones that we are aware of:
- World Health Organisation (WHO) alerts - emails disguised to look like they’re from WHO have been sent out, falsely claiming to link to a list of coronavirus cases in your area. Keep any eye out for phrases like “You are immediately advised to go through the cases above for safety hazard” as a potential sign.
- Health advice emails - attackers are sending out emails offering medical advice to help protect against the virus. These emails may be claiming to come from medical experts in China. Avoid clicking links or attachments with emails containing the phrases “use the link below to download Safety Measures.”
- Workplace policy emails - cyber attackers are targeting employees’ workplace email accounts, requesting you download a fake company policy that’s been updated or created due to Coronavirus. Avoid clicking any links on any suspect emails and check with your employers about the legitimacy of the email.
Finding out reliable COVID information
If you want to find out any reliable covid-related information, it is best to go directly to trusted sources, which includes government offices and health care agencies. The World Health Organisation’s website is great for finding out the latest news and developments with the virus and the Gov’s website is useful to discover how many cases there are in your area.