IT Blog Articles | Entech | Tech Tips & Tricks for SMBs

Watch out for these pandemic spoofing & phishing tactics

Written by Entech | Oct 1, 2020 10:00:00 AM

In the wake of the COVID-19 outbreak, everyone is facing some level of disruption. Employees are working remotely, businesses have had to find creative ways to adjust to the new normal, and information related to the pandemic keeps changing. Unfortunately, hackers are taking advantage of the resulting confusion with phishing emails and spoofing attacks. From fake COVID SBA loans to malicious apps, find out which scams to be aware of by employing a cybersecurity strategy.

Where hackers are focusing their attacks

The threat of a cyberattack is nothing new for businesses. The problem now is, there are more attacks and more types of threats out there. A lot of these attacks are targeting businesses and even government institutions, as well as individuals.

The International Criminal Police Organization (Interpol) shared in a recent report that malicious actors have shifted focus from “individuals and small businesses to government agencies and the healthcare sector” because they can make bigger financial demands. There’s also been a 238 percent increase in cyberattacks against banks linked to COVID-19. Additionally, the FBI’s Cyber Division reports a 300 to 400 percent jump in cybersecurity complaints.

Techniques cyber hackers are focusing on

The variety of techniques is always evolving. One of the spoofing tactics that cyber hackers use is to exploit subjects that are highlighted in the current news cycle. For example, they’ll send phishing emails asking recipients to share personal data in exchange for their stimulus check when news comes out about the stimulus bill.

Another tactic is to use working-from-home schemes. With so many people out of work, many are desperate to bring in an income, making them more vulnerable to scammers. By pretending to be a potential employee, a scammer will ask for personal data such as bank account routing numbers and social security numbers. Once a hacker has access to this info, they can use it to commit fraud.

They’re also going after cloud-based apps such as Zoom and Ring.io. Attacks on web and cloud applications have doubled from 2019 to 2020.

Other techniques include impersonating a health authority or government authority, sending vaccine offers, or masquerading as a COVID-19 charity looking for donations. These spoofing tactics play on people’s fears, hopes, and uncertainties to compel recipients to download malicious content or share sensitive data. You need to guarantee the safety of your business with a cybersecurity strategy. 

Types of scams cyber attackers are using to exploit the pandemic

Cyberattacks can come in different forms, but here are some of the most common being used right now:

  • Spear phishing – This type of attack uses emails, instant messaging, social media, or other platforms to compel users to share personal information or take an action that would compromise their employer’s network, resulting in data loss or a financial loss. Globally, 59 percent of cyber scams are coming from spear phishing attacks.
  • Fake SBA COVID loans – Scammers and hackers have been calling, emailing, and sending letters to small businesses offering fake government grants or help getting a COVID SBA loan.
  • Malicious COVID-19 apps – To help people track COVID-19 outbreaks and stay on top of pandemic-related data, a number of coronavirus-related apps have been released. Some of these are malicious apps loaded with ransomware or malware.
  • Zoom attacks – A lot of businesses are using Zoom for remote work. The problem is, hackers can enter meetings, which can lead to the leak of sensitive information.

How to protect against pandemic cyberattacks

To keep your business safe from phishing emails and spoofing attacks, educate employees about the risks. It’s better to question emails, social media, and other forms of communication any time there’s a request to share information or download something. It’s also important that your business has a cybersecurity strategy in place that can stand up to the ever-evolving threat landscape. Reach out to Entech today if you have any questions.