How To Defend Your Company Against Coronavirus Cyber Scams
By Steve Cobb, CISO, One Source
If the ever-changing coronavirus didn’t put us on high alert enough, the Department of Homeland Security’s The Cybersecurity and Infrastructure Security Agency (CISA) is warning individuals across the U.S. to be on alert to defend against scammers who use the coronavirus health crisis as bait to push their scams over the Internet.
To keep your organization safe during this vulnerable time we hope that you will use this blog as a means of encouraging your employees to take precautions so that they won’t fall victim to a cybercriminal.
AWARENESS AND EDUCATION FOR YOUR EMPLOYEES
Of course, safety starts with an internal communication to your employees to exercise caution when handling any emails related to the Coronavirus. Your employees are your best line of defense when detecting phishing and cyber scams. Phishing emails steal data by tricking users into believing they are interacting with someone or a company they trust. According to phishing defense technology company Cofense, as much as one in seven emails sent to professionals contains a phishing message.
Here are some pointers to provide your employees:
- Be mindful of subject lines pertaining to COVID-19 or Coronavirus – Use trusted sources such as legitimate, government websites for up-to-date, fact-based information about the Coronavirus
- Do not reveal personal or financial information in email, and do not respond to email solicitations for this information
- Be wary of emails received from unknown senders
- Do not open unexpected attachments
- Do not click on unexpected hyperlinks
- Be wary of pleas requested aide or assistance – Verify a charity’s authenticity before making donations
PREPARE YOUR EMPLOYEES AHEAD OF THE THREAT
Of course, the best line of defense is advanced preparedness. These days the most forward-thinking IT teams are achieving higher awareness and changing user behavior by following some modern best practices like leveraging online learning and simulations sited in this article “Changing User Behavior Core To Averting Phishing Disaster.”
EMPLOYEE ACTION IN THE EVENT OF A PHISHING ATTEMPT
If an employee suspects an email to be a phishing attempt, it is advised to instruct them to follow current company procedures for reporting suspicious emails. For One Source customers, instruct your employees to mark the email with their Report Phishing Cofense button embedded in their email for the One Source SOC team to assess any potential threats in the email.
Should your organization benefit from consultation and best-practices, please don’t hesitate to contact us at One Source (877) 651-1650.
- Recommendations to Navigate the Complexities of Cybersecurity Insurance
Jul 29, 2022
- Steps to Guard Against Russian Cyber Attacks
Jun 20, 2022
- How to Prepare Your Network for Cloud Transformation
Apr 22, 2022
- How To Get More Out Of Your 2022 IT Budget
Feb 2, 2022
- SD-WAN vs. MPLS: What You Need To Consider For Your Organizations Network
Dec 16, 2021
- Why Shadow IT Opens the Door to Cybersecurity Risks
Oct 28, 2021
- What is Shadow IT?
Oct 7, 2021
- POTS Replacement – Waiting Is No Longer An Option
Sep 9, 2021