Wednesday, Mar 25, 2020
BY: Team Nuspire
The recent COVID 19 pandemic has changed the way that businesses are operating around the entire country. Some businesses are forced to temporarily shut down, while others are trying to adjust to the changes of working remote and innovating new and unique ways to operate their business. Every business has been affected by this pandemic outbreak, and unfortunately, cyber criminals are using this outbreak to their advantage to target remote workers and health organizations via Phishing scams.
Phishing threats are nothing new but, with the outbreak of the coronavirus, this virus has provided cybercriminals with the perfect pretext for their phishing emails. At Nuspire, our team has identified a nearly 100% increase in malicious emails since the coronavirus originated in China in December 2019.
This virus, and the fear and uncertainty that it has produced, increases the probability that people will click on or open any email that claims to provide useful information about the outbreak. Additionally, with the increase in remote workers, those organizations might not have the proper cybersecurity best practices set up to proactively detect and block phishing threats from entering their mailbox.
Our team at Nuspire has seen Coronavirus themed phishing attempts within our sample mailbox that appear to come from the CDC along with health advice emails that attempted to steal user credentials. These emails can include a link or an attachment that downloads malicious malware on your computer.
In the healthcare industry, companies are trying their best to cater to patients and not break the system, while overcoming the challenge of not having the right equipment amidst this major outbreak. While these healthcare organizations are trying to overcome these challenges, security is getting lost in the shuffle. However, it’s crucial that organizations do not lose sight of cybersecurity.
Nuspire Threat Intelligence has identified a 150% increase of cybersecurity attacks in the Healthcare sector over the past two months. Hackers are using this virus as the perfect time to hold an organization that is already overtaxed with patient flow and uncertainty to ransom because they are likely to pay instead of face operational downtime during this critical phase of care.
How to Identify and Prevent
If you have an email come across your inbox that raises any red flags do not click on a link, open an attachment, or respond to the email. Instead, forward the email to your IT department and delete it from your device. By doing so, you not only protect yourself but enable your IT department to take action to protect coworkers who might not have been as careful!
A few other best practices for identifying a phishing email is to hover over a link in an email and ensure it is taking you to the intended destination. Also look for misspellings or poor grammar in domain names, email addresses, and the bodies of email and check to see if the sender’s email address is legitimate.
Overall, the best advice is to remain vigilant. Right now is a scary time for everyone, but making sure that you are aware of these types of threats is one of the best preventative measures while everyone does their best to adjust to these changes.