Cybersecurity: Do not let your guard down during COVID-19

Many people who are accustomed to a traditional office environment are finding themselves transitioning to work from home during the COVID-19 pandemic.  Hackers and scammers are taking full advantage of this and are targeting their phishing attacks to exploit current events.  An email from your supervisor or executive two weeks ago asking: “Are you in the office? Can you do me a quick favor?” may have been easily dismissed and deleted, especially if the alleged sender works two doors down and you just saw him or her walk by with a cup of coffee.

Now imagine you are working from home or you are part of a small number of employees who are continuing operations in the office, all the while being encouraged to keep a distance from others.   You receive an email: “Hi, I am stuck and can’t access our system. I am working with IT, but it could take a while, can you do me a quick favor?”  You want to immediately and automatically say yes, but take a minute to evaluate the email.

1. Treat every email like it could be from someone other than the alleged sender.
2. Check the sender’s email address and hover over any hyperlinks checking for typos and if the link is to a different website than the link shown in the actual email.
3. What about context and tone? Does this communication have the “voice” of the sender, and would you be the most likely person he or she would contact with this request?
4. Do not click on links, send information, or take action without doing your due diligence. This may require that you reach out to the sender by phone to confirm.