The recent pandemic outbreak has seen a huge proportion of the workforce move to reliance on home systems and networks vs their robust workplace environments. Additionally, there is just a lot more traffic online as users look to retain communication channels with co workers and clients alike. A 2 minute chat on the office common is now an email or a Zoom meeting. None the less, with more traffic and content online, those looking to deploy ransomware and other nefarious programs are taking advantage of peoples flustered state and attacks are on the rise.
The fear that people are feeling in these uncertain times is being exploited attackers are using peoples "want" for information about the COVID 19 pandemic as a means of getting access to systems. All it seems to take is a promise of a cure or a new strain variation threat to get someone to click on any given link for more information.
Numbers circulating the cyber security world suggest a 250-300% increase in confirmed or attempted attacks across the last 3 weeks as this is written (16th April 2020). Most of these attacks are from a process referred to as "Whaling" and its a ploy specifically aimed at small to medium sized businesses. The attacker creates an email address very similar to the official company one, maybe a letter or two out and then sends instruction to key personnel requesting funds transfers or transactions to be completed.
Key warning signs of these emails or emails containing phishing links can be;
Links that change when you hover over them. Generally the lower left corner of your screen or a highlighted box will show the true destination link. Make sure it looks legit and is in line with where you would expect this request to take you.
Spelling errors. This is always a big one. So many of the communications we have sighted over the years that are involved in attacks contain a plethora of spelling mistakes or grammar issues. Make sure you don't just overlook these as a hurried email being bashed out and treat this as a red flag of sorts.
Personal Info requests. If an email is pushing you to provide personal information such as ID numbers or credit details make sure you take your time and really review the communications that are in front of you. Do any of the red flags in this article appear? If so, this may be the time to take control of the communication and look to re establish it through what you know to be official channels.
Pushy or Abusive. Finally, if the communication is charged with an emotive ie "do this or else" then its a massive marker to review all of the above.
Ultimately everyone will be forced to communicate online a lot more across this pandemic and this scenario, like any great change, will have unsavory characters waiting on the sidelines to take advantage of any situation they can. Stay vigilant, and take your time with anything that looks phishy.
For more from the New Zealand Government on the state of cyber security and tips for working from home visit the CERT site via: https://www.cert.govt.nz/about/news/covid-19-supporting-people-to-work-from-home/
If you have been attacked by ransomware, please contact our labs via the below link and we can discuss options for shedding infected files and recovering your data: CLICK HERE or call us direct on 0800 328 2522.