The news about the coronavirus pandemic gets a little more frightening with each passing day. The death toll in China has risen to the hundreds and a growing number of countries are closing their borders to travelers from at-risk areas. There’s suddenly a global shortage of surgical masks. And as with almost every worldwide news event these days – whether it’s as trivial as the finale of a popular TV show or as dire as a steadily-spreading, potentially-lethal pathogen – the scammers have come out to take advantage of the situation and your fear.
In the case of the coronavirus, we’re already seeing phishing emails that claim to have information on how to protect yourself from the disease, but in fact contain malware-bearing web links or attachments.
When an email or text message hits your mobile phone or laptop with promises of information, video clips, or photos about such a significant, attention-grabbing topic, you may relax your usual wariness long enough to click. The next thing you know, a ransomware infection has encrypted all your data, applications, and systems and is spreading throughout your company.
This cynical exploitation of a global health emergency provides a useful reminder that there are vultures everywhere, and they’re always scanning the horizon for the guileless to feast on. Here are a few best practices to help avoid becoming a victim yourself.
How to avoid phishing scams in three steps
Be wary of communications from people you don’t trust
That’s increasingly challenging these days. Many of us have to process thousands of messages daily in the course of our jobs, and both time pressures and fatigue can lower our security antennae. What’s worse, phishing scammers are getting better at crafting trustworthy-looking emails, increasingly with the help of artificial intelligence, often targeting specific individuals with details gleaned from social media and other online sources. As a general rule, if an email’s subject line touches on an issue that excites or troubles you, beware. Cybercriminals know that pushing your emotional buttons increases their chances of a successful phishing expedition.
Implement a cybersecurity awareness training program
If you have a risk management role in your organization, whether in legal, IT, security, or compliance, consider implementing a cybersecurity awareness training program. A typical component of this is the regular distribution of harmless phishing emails to employees. Anybody that falls for them gets follow-up emails showing the phishing telltales they missed and reminding them to be more vigilant. Other planks in such a program include refreshers on company IT security and compliance policies, tips on safer online browsing behaviors, and so on. These can be valuable for everyone, as almost everyone needs an occasional reminder of basic security do’s and don’ts.
Get your organization #CyberFit with cyber protection
Finally, consider upgrading your traditional backup regimen to cyber protection: a combination of data protection and cybersecurity featuring behavioral endpoint anti-malware. This will provide you with a safety net against the most destructive and pervasive types of malware that commonly use phishing as an attack vector, most notably ransomware. If someone in your organization falls for a phishing scam, coronavirus-themed or not, these defensive measures can save you from days or weeks of costly, business-threatening data loss and downtime.
Acronis can help. For more information on Acronis Security Services including Acronis Security Awareness training, visit us here. For more information on Acronis Cyber Backup with built-in, AI-enabled Acronis Active Protection, visit us here.
About Acronis
A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.