As workers across the world adapt to homeworking, it makes sense to pause and remind everyone of some sensible precautions you should take to avoid scam emails. While several cities are reporting plummeting crime rates, some cyber criminals are adapting their practice to exploit the surge in remote working resulting from the Coronavirus pandemic.
There has been a rapid rise in phishing emails which appear to be from an official source. These emails try to trick users into clicking on a malicious link, which could download malware or gather personal information. So, your team would likely benefit from a reminder of some key red flags which they can look out for if they receive a suspicious email, text or even phone call. We strongly advise that you remind your team of good practice around cyber security in this respect and you can find some guidance on this in our articles on How to Recognise a Phishing Email.
Current warnings have been issued on scam emails seemingly from:
- Office 365 – there is a recurring phishing attempt where users receive what appears to be an automated alert email from Microsoft saying the user’s Office 365 account has been suspended. They are asked to sign in to reactivate the account and in the process give their log in details to a criminal.
- WHO World Health Organisation – the email claims to contain important advice on the outbreak. However, it has a malicious attachment which downloads a keylogger allowing criminals to gather personal information. There is another version which claims to offer the recipient with a list of cornonavirus infected people in their area. The user then clicks on a link which leads to a malicious website.
- HRMC – emails pertain to offer help with a tax rebate to support people through this difficult time. Users are urged to click a link and complete a form which gathers personal details which will be used to access their bank account.
Hopefully the information above will help your team stay safe during this period. We can also recommend the National Cyber Security Centre’s guidelines on home-working which are certainly worth a look.
If your team follow the guidance from our article above, these should help protect your systems.
RedMosquito are ISO 27001 accredited managed service providers and Cyber Security consultants.