As the efforts to combat the COVID-19 coronavirus continue worldwide, fear and anxiety are high. And cybercriminals are seizing the opportunity to exploit those fears to get what they want – access and information. For them, a global pandemic is just another opportunity to trick people out of their credentials and gain access to personal and company data.
That’s why being aware of phishing – and how companies and employees can avoid falling victim to these attacks – is more important than ever.
Phishing uses deceptive communications to trick the recipient into providing personal or confidential information by disguising the outreach to look like it came from a trusted source. These camouflaged messages – they could be emails, text messages or even phone calls – will lure in potential victims with what looks to be wanted, needed or trusted information, urging them to click on links, open malicious attachments, or give out confidential information.
Below are a few ideas to help you avoid these tricks:
Nearly every data breach can be traced back to compromised credentials, with phishing being a very common method of attack. With the massive surge in employees working from home amid this global pandemic, exposure to the risks of phishing has exponentially increased for organizations around the world. And with the general population being asked to stay home to help “flatten-the-curve”, verifying customer identities with strong authentication is more important than ever to secure digital businesses.
Authentication is the single most important safeguard to prevent unauthorized account access. Using multifactor authentication (MFA) provides an added layer of protection by requiring additional credentials to enable remote access to an account. Even if a phishing scam exposes a password, MFA can prevent the attacker from getting into the network, VPN, cloud apps and more, and it helps minimize the attack surface.
That’s why MFA is quickly becoming a mandatory level of protection for organizations—and being offered to consumers for account access by banks, healthcare institutions and ecommerce businesses and cloud applications as well.
Everyone should be careful with messages related to the coronavirus: emails, attachments, any social media, texts on your phone…anything. Have them look out for topics like:
Be alert for:
We’ve seen several of these attempts over the past couple weeks:
The upshot: stay vigilant. If you need more background on phishing and other scams, StaySafeOnline from the National Cybersecurity Alliance is a great resource.
You can learn more about how Entrust Datacard powers secure identities and multifactor authentication at this link.