Hackers will use any tool at their disposal, including health crises.
Public fervor over the coronavirus is impossible for someone not to take note of, which includes potential hackers.
On Thursday, March 5th, Naked Security by Sophos issued a warning stating that malicious emails fraudulently claiming to be the World Health Organization are being used to lure victims to download a “statement” from the WHO.
The initial email was found in Italy, where Covid-19 is having a greater impact on public life. The email encourages users to download a Microsoft Word document containing macros that ultimately result in the infection of a well-known strain of Windows malware called Trickbot.
Be on the lookout for similar types of attacks.
If these attempted attacks in Italy prove successful, look for similar attacks and variations to grow in popularity in the United States.
Social engineering is any tactic that a hacker uses to capitalize on a person’s laziness, fear, carelessness, trust, etc. After all, hacking a human is much easier than hacking a business.
What you can do
Beyond being personally aware of said attacks, there are multiple factors that decrease the probability of a social engineering attack on your business/organization. According to our partner, Knowbe4 the use of the following can prevent 90% of social engineering attacks:
- Use of an Incident Response Team
- Extensive use of Encryption
- Employee Training
- Business Continuity Management
If you have any further questions about implementing an Incident Response Team or Employee Threat Awareness and Education, please reach out.
Download our infographic and learn how to identify a phishing scam when you see one.
Other Articles You Might Be Interested In:
Disaster recovery plans are vital, not just important. Data becomes lost, deleted, purged, corrupted, all the time. Without that measure in place, data is truly lost. There does seem to be confusion on what constitutes a Disaster Recovery plan, however. While many...read more
Data backup is a critical part of an organization’s overall disaster recovery plan. The concept of data backup is simple: you make copies of your data and store them in a different location in case data is lost or destroyed.read more
Founded in 1999, ITonDemand helps businesses and associations across the US achieve growth by guiding and supporting IT infrastructure and providing cybersecurity management. ITonDemand’s Core Solution and Security+ have been recognized among both Managed Services and Cybersecurity Providers as a member of the MSP Pioneer 250 and the Top 200 MSSPs.