During the COVID-19 (aka coronavirus disease) pandemic, we have heard daily the importance of good hygiene: maintain physical distance, avoid unnecessary crowds, and above all else, wash your hands. These acts of proper hygiene are meant to keep us safe as the virus continues to take its somewhat unpredictable course. Likewise, another important action we must all remember amid this crisis is to be sure that we are utilizing proper “cyber hygiene.”
As with washing your hands, cyber hygiene is a term within the cyber community to ensure computer users are not unnecessarily exposing themselves to computer viruses. Malware, ransomware, and other nefarious cyber viruses can infect computers, causing them to become “ill.” This causes them to fail to operate as they were designed and hurt us in the process.
Cybercriminals at Work
Cybercriminals have always used current events to help facilitate their crimes. In times of terrorist attacks or natural disasters, the cyber scams will appear online claiming to raise money for charity, or having you entering your personally identifiable information (PII) under the guise of confirming bank accounts. COVID-19 is just another opportunity for the cybercriminal. In this time of crisis, while many hard at work curing the sick, or others are simply out of work, the cybercriminals are keeping busy being their own unique plague to society.
Cybercriminals are leveraging concerns and fears over COVID-19 to steal passwords, data, and money. For example, it is estimated that nearly 50 percent of all coronavirus-themed domain registrations are likely to be either infected with malware or actually posted by malicious actors in an effort to draw in those seeking important information. A site that purports to have suggestions on how to avoid the virus can be designed to trick computer users to download malware under the guise of downloading medical information. Once a computer is infected, hackers can then access all the information within, including login credentials and passwords to bank accounts and other PII.
Even legitimate websites can pose a danger. For example, a major medical university tracking map had recently been targeted by hackers using malware to infect visitors seeking up-to-date medical information. In this scam, those visiting the website were instructed to download software, which generated a fake map that was infected with malware, thereby infecting the user’s computer. Fortunately, those working at the university were experts in both medicine and cyber security, discovering what the cybercriminals had been up to. They removed the malware and kept their website visitors safe.
Phishing scams have also been prominent during COVID-19, with emails filling inboxes that appear to be from the Centers for Disease Control (CDC). These are attempting to lure clicks to links that claim to offer information about the virus, yet they are just another vehicle to inject malware. Furthermore, while schools are canceling classes, cybercriminals are creating false emails to students and teachers alike, alleging to be from personnel such as the institution’s “health team” directing computer users to fake login pages that result in the theft of user credentials. User credentials to one website are often the same that the person might use for other websites, giving the criminal unauthorized access to a variety of locations.
Fortunately, there is a cure for the computer virus.
What You Can Do
Like good personal hygiene, use sensible cyber hygiene to avoid the viruses of the computer world.
• Be wary of anything you’re about to click, and make sure it is from a reliable source.
• Better yet, go to the source’s webpage and obtain the information directly from the site to avoid any chance of inadvertent contamination.
• Don’t download email attachments unnecessarily, even from people you know, as they might be unwittingly passing a malware-infected attachment.
• Keep your antivirus software and other programs up to date and be sure to run a virus scan of your computer regularly.
The coronavirus is doing damage, but eventually the threat will pass. However, computer viruses are here to stay. The circumstances may change, but the dangers of cybercriminals and their computer viruses are always the same. Fortunately, you have the power to protect yourself from the type of viruses that are limited to online. Doing so will not only help keep you safe, but it will also enable you to focus attention where it really matters: yourself, your loved ones, and your livelihood.
About the Author:
John Iannarelli is an associate at the Safety Institute and a retired FBI agent. He knows first-hand the procedures in an emergency; he was present and reported live for Fox News at the Las Vegas shooting in 2017. Iannarelli is the recipient of an Honorary Doctor of Computer Science in recognition of his contributions to the field of cyber investigations. For more information, contact: The Safety Institute, Nona@safetyinstitute.com.