As a small business owner, you constantly have to watch out for cybersecurity threats. And with the coronavirus thrown into the mix, there are more cybersecurity attacks now than ever. In fact, Google sees roughly 240 million coronavirus-related spam messages per day. And, phishing attacks are up 667% since February (and still growing). To avoid cybersecurity attacks and keep your company safe, be on guard and know what red flags to look for.
4 Covid-19 cybersecurity threats to watch out for
With the coronavirus still in full swing, many business owners and individuals have a lot to worry about. And, scammers are feeding off that fear and worry.
Sure, scammers use our fears against us. But if you know what kinds of tactics to look out for, you can protect your business from those pesky cybercriminals. To avoid falling victim to hackers, keep your eyes peeled for these four cybersecurity threats.
1. Phishy Emails
Coronavirus or not, phishing emails are one of the biggest scams out there. And as time goes on, scammers are getting more and more creative with their phishing techniques.
With many individuals focusing on the coronavirus and currently working from home, hackers are posing as loan specialists, health officials, and national authorities. For example, cybercriminals are pretending to be from the World Health Organization (WHO) and Centers for Disease Control and Prevention (CDC) to trick you into clicking on insecure links and attachments.
Hopefully, you’ve already been on high alert for phishy-looking emails. If you haven’t, it’s time to start, my friends. So, you may be wondering, Mike, how do we know if an email is phishy? What are the signs? Glad you asked. An email may be a phishing attempt if it includes the following:
- Unfamiliar email address
- Generic greeting (aka “Dear Sir/Madam”)
- Spelling and grammatical errors
- Sense of urgency or demand for immediate action (e.g., Click here now or else …)
- Request for banking or personal information (e.g., Social Security number or bank-account info)
Even if the email doesn’t look phishy, you should always hover over links with your mouse and inspect them before you click to ensure they are going to a legitimate website. If you’re unsure about an email, have a member of your security team (if applicable) look at it for you. After all, it’s better to be safe than sorry …
2. Bogus websites
Another common scam in this coronavirus age is fake websites. Bogus websites began popping up left and right when the coronavirus pandemic started. And they aren’t going away anytime soon.
Cybercriminals like to link to these bogus websites in their phishing attempts (e.g., links in emails). The problem is, they also like to make bogus websites look like legitimate ones. Scammers may do this by using similar domain names to those of legitimate websites (e.g., http://www.example.com versus https://www.example.gov). Or, they may add company logos to fake websites to make them look more realistic.
Luckily, there are things you can do to make sure the website you’re visiting is legitimate. Before you begin clicking away, check the link (I can’t stress this enough)! Again, hover over the link before you click. Does the link seem long? Does it have a lot of random text, characters, or numbers? Do your research and compare the contents of the link to a legitimate link from the website.
In addition to checking your links, you should also take a few other precautions to verify the website is secure:
- Check to see if the website has a secure connection (hint: look for the lock icon in the search bar).
- Look for “https” in the URL instead of “http” (the ‘s’ stands for secure).
- Verify that the website has a privacy policy.
- Check for contact information on the website.
- Watch out for signs of website malware (e.g., suspicious pop-ups and fake-looking ads).
3. Fake advertisements
Another thing you need to watch out for when it comes to scammers’ coronavirus hoaxes is fake ads. You may see a bogus ad while searching for information online. Or, you may stumble across one on an insecure site.
Cybercriminals use fake advertisements to trick people into providing their information for things like coronavirus loans, stimulus checks, and more.
As with phishing emails, the ads may have a sense of urgency to them. For example, a bogus advertisement for a small-business loan may say something like, “Act now before funds run out.”
The bottom line is this: do not click on ads on unfamiliar websites and pages. And, I’m begging you my fellow business owners … don’t give out any of your personal or business information online if it’s not a trusted or secure website.
4. Phony phone calls and texts
True or false: Phishing can come from a telephone call or a text message. If you guessed true, then come on down and claim your prize.
As technology evolves, scammers find new ways to hack into peoples’ devices. Sometimes, phishing may be done in the form of text messages or phone calls (robocalls). And with 5 billion people sending and receiving text messages, there are plenty of targets for cybercriminals to attack.
If you receive a strange text or voicemail from an unknown sender or caller, do not respond or click on any links.
For text messages, the general rule of thumb is to use the same precautions as you would with coronavirus-related phishing emails. Don’t click on any links (especially if it’s a random phone number), watch out for spelling/grammatical errors, and don’t provide any personal information.
When it comes to phone calls, use caution. Don’t give away any personal information over the phone, especially your Social Security number or bank-account information. If you feel that a call is suspicious, trust your gut and hang up.
Protecting your business from coronavirus cybersecurity threats
At some point or another (especially during this coronavirus age), a scammer will try to get you to fall for an attack. Luckily, there are plenty of ways to dodge these cybersecurity attacks and keep your business safe from hackers.
To protect your business from coronavirus-related cyber attacks, you can:
- Think twice before you click on a link or an attachment (aka look out for suspicious signs).
- Watch out for red flags (e.g., sense of urgency in an email).
- Be leery of providing personal or business information.
- Report scams if you see one.
- Provide security training for employees.
- Use encryption for sensitive business information.
- Have security measures in place (e.g., firewalls).
The more prepared and educated your business is, the better. You can’t stop cybercriminals from coming after you, but you can sure as heck take measures to avoid security breaches.
This article was written by Mike Kappel from Forbes and was legally licensed through the Industry Dive publisher network. Please direct all licensing questions to legal@industrydive.com.