How To Defend Your Company Against Coronavirus Cyber Scams
By Steve Cobb, CISO, One Source
If the ever-changing coronavirus didn’t put us on high alert enough, the Department of Homeland Security’s The Cybersecurity and Infrastructure Security Agency (CISA) is warning individuals across the U.S. to be on alert to defend against scammers who use the coronavirus health crisis as bait to push their scams over the Internet.
To keep your organization safe during this vulnerable time we hope that you will use this blog as a means of encouraging your employees to take precautions so that they won’t fall victim to a cybercriminal.
AWARENESS AND EDUCATION FOR YOUR EMPLOYEES
Of course, safety starts with an internal communication to your employees to exercise caution when handling any emails related to the Coronavirus. Your employees are your best line of defense when detecting phishing and cyber scams. Phishing emails steal data by tricking users into believing they are interacting with someone or a company they trust. According to phishing defense technology company Cofense, as much as one in seven emails sent to professionals contains a phishing message.
Here are some pointers to provide your employees:
- Be mindful of subject lines pertaining to COVID-19 or Coronavirus – Use trusted sources such as legitimate, government websites for up-to-date, fact-based information about the Coronavirus
- Do not reveal personal or financial information in email, and do not respond to email solicitations for this information
- Be wary of emails received from unknown senders
- Do not open unexpected attachments
- Do not click on unexpected hyperlinks
- Be wary of pleas requested aide or assistance – Verify a charity’s authenticity before making donations
PREPARE YOUR EMPLOYEES AHEAD OF THE THREAT
Of course, the best line of defense is advanced preparedness. These days the most forward-thinking IT teams are achieving higher awareness and changing user behavior by following some modern best practices like leveraging online learning and simulations sited in this article “Changing User Behavior Core To Averting Phishing Disaster.”
EMPLOYEE ACTION IN THE EVENT OF A PHISHING ATTEMPT
If an employee suspects an email to be a phishing attempt, it is advised to instruct them to follow current company procedures for reporting suspicious emails. For One Source customers, instruct your employees to mark the email with their Report Phishing Cofense button embedded in their email for the One Source SOC team to assess any potential threats in the email.
Should your organization benefit from consultation and best-practices, please don’t hesitate to contact us at One Source (877) 651-1650.
- All SOCs Aren’t Created Equal: Questions Mid-Market Companies Need to Ask When Evaluating a Cyber Security Partner
May 27, 2020
- 5 Cybersecurity Misconfigurations to Avoid that Reduce Cyber Risk by 75%
May 5, 2020
- 5 Types of Cyber Attacks Most Threatening to Small-Midsize Businesses
Apr 20, 2020
- Your Remote Workforce Emergency Plan: 3 Things Your IT Department Can Do in the Next 30 Days
Mar 24, 2020
- 6 Quick Cybersecurity Must-Haves to Support a Remote Workforce
Mar 16, 2020
- How To Defend Your Company Against Coronavirus Cyber Scams
Mar 12, 2020
- One Source Pioneers Movement of Cyberattack Preparedness to #DefendNC
Feb 26, 2020
- Why It’s Imperative for Mid-Market Companies To Fund Cybersecurity During Current Lockdown
Feb 24, 2020
- Changing User Behavior Core to Averting Phishing Disaster
Feb 5, 2020