There has been an increase in reports of malicious actors using the terms “Coronavirus” and “COVID-19” in phishing campaigns and malware scams, according to The Canadian Centre for Cyber Security. These actors are using phishing attempts in referencing the virus through mass emails that appear to originate from a legitimate source but containing malicious attachments or links. There are cases where “phishing has been used in an attempt to impersonate various health agencies.”

These mass emails are sent with the aim to get receivers to open attachments or click on links so as to open a gateway for threat actors to obtain personal information and gain unauthorized access to computers.

How to protect yourself

The Cyber Centre has outlined the following to help protect your devices from phishing campaigns and scams:

From Malicious Emails

  • Check to see if the address or attachment is relevant to the content of the email.
  • Be doubly sure you know the sender of an email.
  • Keep an eye out for typos.
  • Make use of anti-virus or anti-malware software on computers.

From Malicious Attachments

  • Check to ensure that the sender’s email address has a valid username and domain name.
  • If the email tone is urgent, be extra cautious.
  • If you were not expecting an attachment, make attempts to verify with the sender before opening.

From Malicious Websites

  • Check to see that URLs are spelled correctly.
  • Type the URL directly in the search bar of a search engine instead of clicking on the provided link.
  • If you must click on a hyperlink, hover your mouse over the link to check if it directs to the right website.

Four tips to keep cyber safe at all times

Passwords: Consider using unique passphrases and complex passwords for all your accounts.

Updates: Make sure you apply updates to your mobile devices, computers, and applications as soon as they are available.

Storage: Work on storing your data securely and be mindful of your backup procedures.

Protect: Keep your social media and email accounts secure and don’t share passwords with anyone.

To learn more about how to protect your organization from malware, go here.