Given the steep rise in remote working to combat the spread of COVID-19, we’ve seen increased risk and activity around the area of cyber security. Scamwatch has received multiple reports of phishing scams sent via email or text message that claim to be providing official information on coronavirus but are attempts to try and obtain personal data.
COVID-19 related cyber scams
The Australian Cyber Security Centre reported on a COVID-19 themed scam via text message that appear to come from ‘GOV’ as the sender and include a link to find out when to ‘get tested in your geographical area’ the virus. The link is not legitimate and may install malicious software on your device, designed to steal your banking details.
A high level of precaution will be required to minimise disruption to business from these scams, which are becoming increasingly sophisticated and difficult to recognise.
What to look out for when protecting your cybersecurity
Scammers appear to be targeting the industries that people are most reliant on during this time, which includes health, banking and superannuation.
Spotting a scam early can be critical, with red flags being things like odd email addresses or malicious links. For companies, circulating a sample of COVID-19 related scams can give employees an idea of what to look out for.
Be aware of fraudulent emails claiming to be from experts saying that they have information about the virus. For the most up-to-date information about the coronavirus, visit the Department of Health and the World Health Organization (WHO).
Do not open attachments from people or organisations that you don’t know. Scams and cyber-attacks often use links to reel people in and download viruses onto your computer or device. Cold call scams are also increasing, often claiming to be banks or health organisations. In both cases, you should not give your personal details without conducting research to confirm the validity.
Checking the validity of a potential scam
Some scams are highly sophisticated and able to fool even the most savvy of internet users. If you’re unsure of whether or not an email, message or call is a scam, you can check its validity by visiting the official company website that it claims to be and contacting the relevant address there.
Conducting an internet search using the exact wording of the text or email you have received can be an effective way of identifying a scam. Often, but not always, recent scams are posted online to increase awareness and prevent any further damage.
Risk management
Emergence Insurance has created an article with helpful strategies to manage your cyber risk here. These strategies include reviewing your business continuity plans, updating systems with the most recent security patches, implementing multi-factor authentication for systems and resources (including cloud services) and, most importantly, ensuring your team is informed and educated on safe cyber security practices.
Cyber insurance
Insurance works as your safety net should your business be targeted by a cyber-attack or experience a data breach. Allsure Insurance has access to policies that can include business interruption loss due to a network security failure or attack, human errors, or programming errors, as well as liability arising from failure to maintain confidentiality of data.
Find out more or get a quote specific to your needs and your business by contacting us.