Coronavirus-Related Scams: Part One of a Four-Part Series to Help You and Your Business Avoid Being Victimized
In March, businesses across the world rushed to implement a remote workforce to keep their companies afloat amidst the chaos created by the COVID-19 pandemic. Though many organizations successfully transitioned employees from working in the office to working at home, cybersecurity best practices were left in the dust in many cases.Now that your remote workforce is in place, there are some scams and security to be aware of. Even more important, you need to know how to combat those obstacles as we work to beat back the coronavirus. Below are some of the scams and threats your business and employees now face along with methods for tackling them.Coronavirus PhishingMost of us are keeping a close eye on news related to the coronavirus and bad actors are using that to their advantage. Warn your employees to beware of emails, SMS (text messages), and WhatsApp messages from unknown sources claiming to have information or news about COVID-19. Cybercriminals will often impersonate legitimate organizations or people to trick targets into clicking on links, sharing personal information, or even sending money to charity.Warn your remote workforce to be especially suspicious of messages about the virus or pandemic. Tell them that if they don’t know the source or it seems out of character for the source to be sharing such information, to do nothing: Don’t click, don’t reply, and certainly don’t share. Remind them to be vigilant about checking the email address from which the message was sent and not just a display name.Social Media ScandalsIf you or your employees are on social media such as Facebook, you’ve probably seen the #Classof2020 challenge and other scams to separate you from your hard-earned money or personal data. Here are a few things to be leery of when it comes to social media during the quarantine.The #Classof2020 Facebook challenge asks people to post their high school senior photos to support this year’s graduating class as many high schools, colleges, and universities have postponed or completely canceled their commencement events. Along with photos, many people are posting information such as the high school they graduated from and the year they graduated. The problem is cybercriminals can use that information against you.The Better Business Bureau (BBB) has issued a warning about this as scammers can use such information including your high school mascot or graduation year to steal your identity or hack your accounts. Security questions often include such information along with your full name, birth date, and place of residency which is easily found online.In addition, there are other social media challenges that have popped up to gather personal information under the guise of social sharing. Through “favorite things” challenges including listing the cars you’ve owned, your favorite athletes, and your top television shows, thieves can learn even more about you. Again, the BBB warns these “favorite things” lists are common passwords or security questions so be careful about what you share online.Warn your remote workforce to resist playing along with social media quizzes that reveal personal information. While everyone is bored at home, the temptation to participate in such “favorite things” polls is overwhelming but explain this could damage not just them personally but your business as well, especially if they are conducting work on their own devices.Remind them to check their security settings on social media platforms so they are careful about who they are sharing with and tell them to apply the highest level of security possible. You can also suggest that they change their security questions, settings, and passwords on their banking and other websites frequently to help prevent a hack that could impact them as well as your business. The BBB offers cybersecurity tips online and even has a scam tracker you can share with employees so they can stay updated on the latest scams to avoid becoming a victim.Scan Every EndpointNow that your employees are working, it’s time to scan every device they are using for security analysis. If your employees are using their personal mobile device and desktop computer at home to work, you must identify the current security on each. This means looking at what firewalls, backup, antivirus, and the like they have in place for these devices to see where private information or data are at risk. Then you have to plug those holes.For more information about current COVID-19 scams, remote workforce security threats, and how to apply cybersecurity best practices for your business, contact ORAM Corporate Advisors now at (617) 933-5060.