The answer to the question “What is spreading quicker than Covid-19?” is… FRAUD! To be more exact, cyberthreats, cybercrime and cyberattacks.
Interpol has the slogan “Be Vigilant, Be Skeptical, Be Safe”. This relates to the general shift of focus away from cyber defenses and toward the current health crisis playing out in the world today, with Covid-19 leaving no country unscathed.
So, the question is: how are you faring when it comes to keeping your focus on the real threat to your personal information and the risk of fraud?
Covid-19 is well and truly entrenched in the life of every single person in the world today. Not a day goes by without an action, thought or conversation related to this life-changing global pandemic. We truly find ourselves connected as a community more than ever before because of Covid-19. There is still much to learn and understand about how this pandemic will play out, but that insight will only come over time.
What we do know is that we find ourselves in a global crisis and, as the saying goes, “never let a good crisis go to waste”. Well, the criminals are not letting it go to waste. They are capitalizing on it with the voracity and vigor usually associated with criminals. A cyberattack is the last thing you would like to worry about during these tough economic times, but cyberattacks are on the rise and infiltrating our private and business environments even as we speak, so drastic steps need to be taken NOW!
According to the Association of Certified Fraud Examiners (ACFE), 90% of fraud examiners have seen a significant increase in fraud, the top five being phishing attacks (75%), charity and fundraising fraud (69%), fraudulent vaccines, cures and coronavirus testing (65%), third-party seller and buyer scams on legitimate eCommerce platforms (63%) and finally business email compromise (62%).
The threat is real for individuals and companies alike, no doubt. We too have become far more digitally connected and digitally transformed thanks to the current focus on socially distancing ourselves from each other to suppress the spread of the virus, our only current solution to fighting the pandemic. We continue to carry on as social beings, i.e. living, working, and socializing, but with one massive change to the norm: doing it alone, through the lens of the glass.
As digital connectivity has ramped up over the last three months to ease communication across all digital channels, so has the risk of phishing and smishing (phishing, but in a text message), which can result in malware and ransomware attacks. This alone could prove disastrous for an individual’s sensitive personal information and for their compromised physical devices, but also for any company IT infrastructure they connect to via VPN, be it a client’s environment or their own company’s IT environment.
So how does one ensure that they mitigate all risk? Simply put, always be skeptical.
- First and foremost, avoid opening any communication, be it a pop-up page on a website, an email or a mobile text message, that carries a suspicious link or attachment, whether attached to the communication or placed within the body of the email. Always check that a message comes from a valid, authentic contact of yours before responding, and never share any personal credentials with anyone.
- It is very important to keep home network security top of mind and to ensure that it is strengthened. Ensure all standard security and privacy settings are enabled on all applications running on the device. Passwords need to be managed effectively across all applications and devices. Two-factor authentication should be enabled wherever possible.
- From a company point of view, it’s vitally important to keep all standard IT housekeeping in order. Patch management is important: continuous software and firmware upgrades keep vulnerabilities to an absolute minimum. Decommission all inactive devices and servers, in fact any IP-facing devices. Apply, maintain, and manage a robust bring your own device (BYOD) policy within the company, covering all contractors. Carry out internal and external penetration audits bi-annually, and finally, ensure that there are measures driven within the company to keep security top of mind with all employees.
The biggest risk is human risk, and your organization is only as strong as its weakest link.
My advice to all is to Be Vigilant, Be Skeptical and Be Safe!