The adage "never let a good crisis go to waste" applies to hackers everywhere. And the Coronavirus is the perfect crisis to exploit.
Sophos, one of Adept's security vendors, reports on one Coronavirus scam. They explain, "The fake page consists of the official, current home page of the World Health Organisation (WHO), with an unassuming popup form on top of it. Of course, if you put in your email address or your password and click through, you’ll be submitting the filled-in web form to the crooks."
Read the full article, "Coronavirus 'safety measures' email is a phishing scam," which also includes nine tips to help you spot a phishing email. Below are the highlights of the list.
- Never let yourself feel pressured into clicking a link in an email. Most importantly, don’t act on advice you didn’t ask for and weren’t expecting.
- Don’t be taken in by the sender’s name. . . the sender can put any name they like in the From: field.
- Look out for spelling and grammatical errors.
- Check the URL before you type it in or click a link.
- Never enter data that a website shouldn’t be asking for.
- If you realize you just revealed your password to impostors, change it as soon as you can.
- Never use the same password on more than one site.
- Turn on two-factor authentication (2FA) if you can.
- Educate your users.
Be cautious with every email you receive--that way, you can avoid a crisis in your inbox!