The ongoing COVID-19 situation is causing wide-spread disruption of society, from industry and commerce to our daily lives. Unfortunately, scammers are already trying to take advantage of us on digital platforms, which are crucial to keeping us all connected in times like these.
“Criminal activity by hackers and fraudsters exploiting people’s uncertainty and fears have already begun. We have seen cases where people have impersonated the World Health Organisation (WHO) and critical national authorities to conduct fraud, spread fake information, and carry out so-called phishing attacks to obtain sensitive information through e-mail and telephone.
7 ways to help us all stay cyber-safe
Luckily, there are many actions you can take in your own way of work and daily business to stay cyber-secure.
- Be aware of fake information. Only trust information from verified official sources. A crucial step in a hacking attempt is often for the hacker to mask their identity as someone you would usually trust, what we call impersonation. The WHO and NCDC (National Centre for Disease Control), are typical victims of such impersonation. The WHO has found it necessary to inform about how they will communicate on their websites to help people not fall victim to hackers. Only trust information about COVID-19 from official sources. If in doubt, visit the official source on their website directly to see what information is available there.
- Verify that the sender is who they claim to be. This can be done by checking if the e-mail address is the correct address of the alleged individual or organization, or by contacting the sender through alternative communication by calling or sending SMS to verify if they have sent you the e-mail or not.
- Verify links in e-mails before you click on them. This can be done by hovering the mouse over the link to see if the link actually leads you to where it says it will. On your phone or tablet, you can click and hold your finger or stylus pen on the link until a window pops up displaying where the link will take you. Make sure to verify that the domain is legitimate.
- Be wary of unknown messages urging you to open attachments. Verify that the attachment actually comes from who it claims to be. Is the e-mail expected? Typical warning signs are a language that plays on fear and urgency to open the attachment NOW or else something bad will happen.
- Be skeptical of requests to provide sensitive information such as username, passwords or credit card details. Official organizations will never ask for such information openly on e-mail, and they will never ask for your password.
- Report suspicious activities. Contact the security department in your company or check if national authorities have a reporting mechanism for citizens to report cyber-crime.