Ideas and best practices to help you protect your finances and personal information in the current environment.
The coronavirus has disrupted many aspects of daily living and precipitated changes that touch all facets of our working and personal lives. As we seek information from trusted sources and rely more than ever on online platforms to communicate with friends, family and loved ones, criminals will attempt to capitalize on our changed circumstances. Established cyber security scams, such as spoofed websites and phishing emails, are being repurposed to offer health information or safety resources while delivering malware or stealing personal information.
“Cyber criminals are known for exploiting unfamiliar circumstances, particularly in times of great change,” says Craig Froelich, Chief Information Security Officer for Bank of America. “By acting quickly and knowing what to look for, businesses around the world can identify and eliminate coronavirus-related scams as we work to protect what matters most.”
“Cyber criminals are known for exploiting unfamiliar circumstances, particularly in times of great change. By acting quickly and knowing what to look for, people around the world can identify and eliminate coronavirus-related scams.”—Craig Froelich, Chief Information Security Officer, Bank of America
Recent cyber scams include:
- A downloadable app for tracking coronavirus cases, which resembles maps created by legitimate public health institutions but contains malware that can infect or freeze devices.
- Phishing scams, in which fraudulent emails that appear to come from the World Health Organization, the Centers for Disease Control or charitable organizations request personal information or urge recipients to click on malware-infected links.
- Robocalls offering coronavirus treatments or assistance with government stimulus payments, in which personal information is requested.
Despite these concerns, you can protect your personal information and devices by following a few essential cyber security practices and by familiarizing yourself with the most prevalent types of cyber crimes.
As the coronavirus has us seeking information online to help protect and care for our families and loved ones, and spending more time working from home, it helps to remember the key ways cyber criminals try to take advantage of us.
Phishing messages are emails that appear to originate from known or credible sources, but are in fact from cyber criminals trying to gain access to your personal information or infect your devices with malware.
Vishing attempts—voice combined with phishing—come via your phone. Robocalls are a method used to scam people and businesses out of data and money. Criminals will create a sense of urgency to incite quick responses from their targets.
News apps can help you stay current with latest developments, but you must ensure all apps you download to a device come from reliable sources. Cyber criminals can create apps which, when downloaded, can infect devices with malicious software.
As private citizens seek current information, cyber criminals also are spoofing websites that provide updated information about the coronavirus, hoping that visitors will click on embedded links.
How to proactively protect your personal information and devices:
Only use wireless networks that are secured and require a password. Be sure to change the password on your home router from the factory setting, and create a new password that is at least eight characters long.
Restrict your use of all public Wi-Fi networks. If you must rely on a public network, use a virtual private network (VPN).
Don’t fall for the bait. Verify the URL of any site you visit, particularly if you are loading it for the first time in your browser.
Don’t respond to emails from unknown senders or click on any links embedded in these messages.
Verify messages even if you know the recipient. Cyber criminals use social engineering to impersonate people you may know through email or social messaging. Call the sender if you see anything suspicious in the message.
Keep your systems and software updated. System and software updates ensure that the latest security patches are installed on your devices.
Don’t delay. Acting quickly after an incident can help minimize damages.
Call the police and file reports with the relevant local authorities.
Document everything about the incident. The more information you have, the better armed you will be to assist an investigation by your company and law enforcement officials, and the better prepared you will be against future incidents.
Change all passwords that may have been breached.
Contact your bank to freeze transactions as soon as you can.
Reach out to friends and family to be on the alert for suspicious communications that appear to have been sent by you.
Monitor your bank accounts for suspicious activity in the aftermath of an incident.