How to identify cyber attacks in times of COVID-19

teleworking concerns and current context

share post

Cybercriminals do not stop their activity despite the health emergency and take advantage of the situation to carry out attacks in greater volume. This increase in cyberattacks has been exponential using the coronavirus as a pretext and abusing the ignorance of users and employees, who are manipulated to steal personal or company confidential information through links to malicious web content, fake portals and emails. impersonating the identity of an individual or organization, the latter being the most common and the one that generates the greatest uncertainty if we consider the teleworking situation of many employees.

Recently, INCIBE has shared some guidelines to help identify these malicious emails made with social engineering techniques. In general, these emails aim to attract attention through the following premises:

  • Urgency: It encourages its potential victims to open a link or download an attachment, insisting that it be done quickly, so that there is time to assess whether the information is trustworthy or not. This type of strategy is commonly used through phishing to banking entities.
  • Authority: This strategy tries to impersonate people or entities, both public and private, that are trusted by the victim and whose objective is to force them to carry out a certain action for the benefit of cybercriminals.
  • Willingness to help: The current situation also serves cybercriminals to take advantage of people's vulnerability and ignorance to extract all kinds of information. Above all, it seeks to extract the most sensitive, to later exploit it and obtain a return for it with third actions.
  • Gratuity: It is common for it to attract attention that a product or service is free or has a promotion. Currently, cybercriminals use this strategy to offer masks, disinfectant gels, Internet, electricity, gas, etc. for free.

Likewise, there are other factors that must be considered to avoid falling and being victims of these cyberattacks. It is important to look carefully at the origin of an email, if it belongs to an individual or a company. If it is the case of the latter, it could not come from a free email account such as Gmail or Outlook. It is also important to mention that if these emails come from a legitimate organization, they do not usually make mistakes in their writing or have the absence of a corporate signature at the end of the communications, so the absence of it can already be considered a sign of fraud to suspect.

In addition, the emails may also contain links that can redirect to websites that are programmed to spread malware and/or steal sensitive information. Attachments always represent a threat, so it is recommended not to open those communications that contain extensions such as:

  • .exe – The traditional Windows executable file.
  • .vbs – Visual Basic Script file that can also be executed.
  • .docm – Microsoft Word file with macros.
  • .xlsm – Microsoft Excel file with macros.
  • .pptm – Microsoft PowerPoint file with macros.

Cyber-attacks are becoming increasingly difficult for users to identify, and this increases the ease of cyber-fraud. By taking the necessary preventive measures, being aware of how cybercriminals are evolving their techniques, it is possible to stay one step ahead and reduce the risk of being the next victim and compromising information.

How to avoid these cases?

In the case of organizations and employees who exchange sensitive and/or confidential information on a daily basis, it is important to establish corporate tools that include advanced security policies such as encryption, encryption, antivirus filters, etc. Tranxfer is the corporate tool for sending and receiving corporate files that applies these advanced security policies and that allows the organization control, traceability and regulatory compliance of the files that enter and leave the company's perimeter.

With Tranxfer, avoid the abuse of email and collaboration tools for the exchange of information with external third parties (suppliers, customers, etc.). Discover the Tranxfer technical characteristics.

Get Started with Avada Crypto

Looking for help? Get in touch with us

More articles