Hackers are taking advantage of the coronavirus global health crisis to attack organizations of all sizes. Alert your personnel to keep them security aware!

So many of us have been disrupted and confused by the unprecedented changes of the past few days. Like us, you and your employees are probably anxious about the coronavirus, concerned about loved ones, and still trying valiantly to do your jobs and adjust to the current reality.

Unfortunately, bad actors are exploiting our vulnerability and disruption. They are blasting out coronavirus-themed phishing emails and malware in order to steal credentials and financial information, infect networks with ransomware, and cause other disruptions. Employees – anxious, distracted, and looking for news on the virus – are falling for these attacks.

Please alert your employees to this dangerous trend!

 “Cyber criminals are exploiting the Coronavirus through the wide distribution of mass emails posing as legitimate medical and or health organizations. In one particular instance, victims have received an email purporting to be from a medical/health organization that included attachments supposedly containing pertinent information regarding the Coronavirus. This lead [sic] to either unsuspecting victims opening the attachment causing malware to infect their system, or prompting the victim to enter their email login credentials to access the information resulting in harvested login credentials.”
— From the United States Secret Service COVID-19 (Coronavirus) Phishing Alert, March 9, 2020

Train your employees to be safe online, even when working remotely!

  1. Only rely on trusted sources for coronavirus information, such as CDC or WHO websites.
  2. Avoid opening attachments or clicking links in emails you do not recognize or expect.
  3. Do not download applications about the coronavirus to your computer or phone. For example:
    1. Password-stealing malware hiding behind “Coronavirus Map” download
    2. Fake coronavirus Android app “COVID-19 Tracker” is actually ransomware
  4. Watch out for fraudulent coronavirus-related products or charities.
  5. Quickly alert your IT team or Security Officer if you suffer an attack or spot something “phishy.” Hiding an attack only makes it worse!

Employee Security Awareness – Even More Important During Remote Work

Employee security awareness training is one of the most important investments an organization can make to protect itself online. Remote employees might be outside the firewall, away from other protections of the computer network, but they can always be security aware.

If your organization doesn’t have a high-quality security awareness program – with engaging training, updates throughout the year, and phishing assessments to keep employees sharp – then get one! Employee security awareness training makes a real difference in protecting your organization from hackers and cyberattacks all the time, but especially in crisis situations like this where other security controls are stretched to their limits.

Eagle offers security awareness training as a service. We can get your organization set up quickly and painlessly, even during this difficult time. If you are interested, please call us for more information at 216-503-0355 or email gpritts@eagleconsultingpartners.com.

Pin It on Pinterest