Sick crooks are using the Coronavirus crisis to target people online, playing on their health fears, a leading cyber-security company has warned.
C3IA Solutions said emails purporting to offer COVID-19 test results and cures and selling protective equipment have been circulating.
Many domain names featuring ‘Coronavirus’ and ‘COVID-19’ have recently been registered and some are likely to be fraudulent – set up to take advantage of the situation.
Working from home can increase the risk of a cyber-attack because the security is not always as tight as it is in an office.
Matt Horan, security director of C3IA Solutions, which is based in Poole, Dorset, said: “Make no mistake, there are people out there seeking to take advantage of the situation. Phishing emails are landing in people’s inboxes and it can be very tempting to click on them if you think it contains important information about the Coronavirus.
“They can be cleverly worded and can look official. But clicking on one of these emails can infect a computer, leading to the loss of important and sensitive data. Some emails are designed to take money by offering products that don’t exist.
“With everyone more dependent on the internet for purchasing goods and services, the risk has grown. We urge employers to communicate the risks to their workers and for everyone working at home to exercise extra caution. While those who were already set up to work from home will be as secure as they are in the office, many now working from home will not be.
“If you receive an email that claims to have sensitive health-related information, don’t open the attachments. Instead, visit your medical provider’s patient portal directly, call your doctor, or make an appointment to directly confirm any medical diagnosis or test results.
“You can make yourself more resistant to phishing scams at home by implementing some of the best practice configurations such as the Government’s Cyber Essentials schemes. These will protect you from the vast majority of common cyber-attacks, including phishing attacks, malware, ransomware, password guessing and network attacks.
Cyber Essentials is also recommended by the Financial Conduct Authority and it can be accessed remotely.”
