Cybersecurity: Do not let your guard down during COVID-19
Many people who are accustomed to a traditional office environment are finding themselves transitioning to work from home during the COVID-19 pandemic. Hackers and scammers are taking full advantage of this and are targeting their phishing attacks to exploit current events. An email from your supervisor or executive two weeks ago asking: “Are you in the office? Can you do me a quick favor?” may have been easily dismissed and deleted, especially if the alleged sender works two doors down and you just saw him or her walk by with a cup of coffee.
Now imagine you are working from home or you are part of a small number of employees who are continuing operations in the office, all the while being encouraged to keep a distance from others. You receive an email: “Hi, I am stuck and can’t access our system. I am working with IT, but it could take a while, can you do me a quick favor?” You want to immediately and automatically say yes, but take a minute to evaluate the email.
- Treat every email like it could be from someone other than the alleged sender.
- Check the sender’s email address and hover over any hyperlinks checking for typos and if the link is to a different website than the link shown in the actual email.
- What about context and tone? Does this communication have the “voice” of the sender, and would you be the most likely person he or she would contact with this request?
- Do not click on links, send information, or take action without doing your due diligence. This may require that you reach out to the sender by phone to confirm.