A guest blog from Bryan Littlefair – Chief Executive Officer – Cambridge Cyber Advisers
We are certainly living in unprecedented times. With the spread of COVID-19, the way we stay connected has had to change at pace, especially now that so many of us are working remotely.
Fortunately, most of us have the technology and communication tools we need to be able to manage our day-to-day activities online. But unfortunately, cyber criminals are using the current COVID-19 pandemic to attack us when we are at our most vulnerable, amplifying the threat to individuals and organisations.
According to a recent report by the UK’s National Cyber Security Centre (NCSC), an increasing number of malicious cyber actors have been exploiting the current crisis – with many of them using UK government branded scams relating to COVID-19 to try and trick us.
So you can stay safe and secure online, both now and in the future, it’s important to understand the methods and techniques employed by malicious cyber actors. That way, when anything arrives in your inbox or pops up on your phone, you’ll stand a better chance of sorting out what’s genuine and what’s malicious.
Right now, both the government and the NHS are putting a lot of effort into communicating with us, so it’s likely you’ll be receiving genuine messages from them. On the flip side, there has also been a huge global spike in malicious activity relating to COVID-19, with cyber criminals posing as these official bodies. Click a link or open an attachment in one of their messages and you may be exposed to ransomware, which encrypts your files and effectively locks you out of your machine until a ransom is paid. Alternatively, they may install malware that sits quietly on your device, harvesting your personal information.
The main tactic used by the threat actors to compromise individuals is called ‘phishing’. They send an email or text message that looks genuine, but instils a sense of urgency and fear, driving you to click on the link or open the attached file. While the information you receive may look genuine, it might also include hidden malicious content.
By taking advantage of our natural curiosity and concern around the coronavirus pandemic, these actors convince us to click on a link or download an app that takes us to a phishing website, or leads us to download malware, including ransomware.
For example, one malicious Android or Apple app purports to provide a real-time coronavirus outbreak tracker. Instead, it tricks the user into granting it administrative access and then installs ransomware. The same actors also send emails with subject lines such as ‘Coronavirus Update’ or ‘2019-nCov: Coronavirus outbreak in your city (Emergency)’ to draw victims in.
It’s also becoming increasingly difficult to filter safe messages by the sender. To create the impression of authenticity, malicious cyber actors are now making their emails look like they come from a trustworthy source, such as the World Health Organization (WHO), the UK Government or an individual with ‘Dr.’ in the title. You really have to be on your guard these days!
Email seems to be the favourite way of carrying out malicious activity, but don’t be fooled into thinking you’re safe when receiving text messages. A series of recent malicious SMS messages used a UK government themed lure to harvest email addresses, names and banking information. These SMS messages, purporting to be from ‘COVID’ and ‘UKGOV’ (see figure 1), include a link that sends you directly to their phishing site (see figure 2).
Figure 1 – UK Government themed SMS phishing
Figure 2 – UK Government themed phishing page
These messages look and feel incredibly genuine, so it’s perhaps no surprise that an increasing number of people are falling victim to these scams. So what practical steps can you take to ensure you don’t become one of them?
Tips for spotting tell-tale signs of phishing
Spotting a phishing email or SMS isn’t easy – many have even tricked computer experts! However, there are some common signs to look out for:
- Authority – is the sender claiming to be from someone official (like your bank, doctor, a solicitor or government department)? Criminals often pretend to be important people or organisations to trick you into doing what they want.
- Urgency – are you told you have a limited time to respond (like in 24 hours or immediately)? Criminals are using the current COVID-19 pandemic to send you emails with URGENT information.
- Emotion – does the message make you panic, feel fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.
- Scarcity – is the message offering something in short supply? Fear of missing out on a good deal or opportunity can make you respond quickly.
- Current events – are you expecting to see a message like this? Criminals often exploit current news stories like COVID-19, big events or specific times of year (like tax reporting) to make their scam seem more relevant to you.
Your bank (or any other official source) will NEVER ask you to supply personal information in reply to an email. If you have any doubts about a message, call them directly. Don’t use the phone numbers, email addresses or links within the message you’ve received. Instead, visit the official website by typing the address you normally use into your browser, or use the phone number you would usually call.
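The two checks above (who the message really comes from, and where its links really go) can be done by inspecting the message rather than trusting what is displayed. The following is an added example, not code from the original post or from Cambridge Cyber Advisers; it assumes the message is available as raw email text, that the reader knows the genuine organisation’s domain (here `who.int`), and uses a constructed sample message in which the display name claims to be the WHO and the visible link text shows a who.int address while the actual link target is elsewhere.

```python
"""Added example (not part of the original post): check an email's real
sender domain and real link targets instead of the displayed name and text.

Assumptions (mine, not the post's): the message is raw RFC 5322 text and the
legitimate organisation's domain is known. SAMPLE_EMAIL is constructed.
"""
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: display name says WHO, address domain is a lookalike;
# first link's visible text shows who.int but the href goes elsewhere.
SAMPLE_EMAIL = """From: "World Health Organization" <alerts@who-int-updates.example>
To: you@example.org
Subject: URGENT: Coronavirus safety measures - action required in 24 hours
Content-Type: text/html; charset=utf-8

<html><body>
<p>Read the updated guidance immediately:</p>
<a href="http://who-int-updates.example/login">https://www.who.int/emergencies</a>
<a href="https://www.who.int/">WHO home page</a>
</body></html>
"""

# Matches <a ... href="...">text</a>; sufficient for this sample, not a full HTML parser.
ANCHOR_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def registrable_domain(host: str) -> str:
    """Crude last-two-labels reduction: 'www.who.int' -> 'who.int'.
    A production check would consult the public suffix list instead."""
    labels = host.lower().strip('.').split('.')
    return '.'.join(labels[-2:]) if len(labels) >= 2 else host.lower()


def host_of(url: str) -> str:
    """Hostname of an absolute URL, or '' if the string is not a URL."""
    return (urlparse(url).hostname or '').lower()


def check_sender(from_header: str, trusted_domains: set[str]) -> list[str]:
    """Flag a From header whose address domain is outside the trusted set,
    whatever the display name claims."""
    display, address = parseaddr(from_header)
    domain = address.rsplit('@', 1)[-1].lower() if '@' in address else ''
    findings = []
    if registrable_domain(domain) not in trusted_domains:
        findings.append(
            f'sender address domain {domain!r} is not a trusted domain '
            f'(display name: {display!r})')
    return findings


def check_links(html: str) -> list[str]:
    """Flag anchors whose visible text is a URL on one host while the href
    actually points at a different host."""
    findings = []
    for href, text in ANCHOR_RE.findall(html):
        shown = host_of(text.strip())
        actual = host_of(href)
        if shown and registrable_domain(shown) != registrable_domain(actual):
            findings.append(f'link text shows {shown!r} but goes to {actual!r}')
    return findings


def analyse(raw: str, trusted_domains: set[str]) -> list[str]:
    """Run both checks over a raw message and return the list of warnings."""
    msg = message_from_string(raw, policy=policy.default)
    findings = check_sender(str(msg['From']), trusted_domains)
    body = msg.get_body(preferencelist=('html',))
    if body is not None:
        findings += check_links(body.get_content())
    return findings


if __name__ == '__main__':
    for finding in analyse(SAMPLE_EMAIL, {'who.int'}):
        print('WARNING:', finding)
```

Run against the sample it reports two warnings: the sender domain is a lookalike, not who.int, and the first link displays a who.int address while leading somewhere else. The second link is not flagged because its visible text is plain words, not a URL, so there is nothing to contradict. The point is the method, not the tooling: look at the actual address and the actual link target, never at the name or text the sender chose to show you.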
The daily government communications on TV clearly explain the funding and grants currently available to individuals and companies, and how the application process will work. If you receive anything offering you extra cash or a different method of claiming, refer back to authoritative sources and the UK government website.
What to do if you’ve already clicked
If you’ve already clicked a link (or entered your details into a website), take the following steps:
- If you’re using a work laptop or phone, inform your IT department immediately.
- If you’ve been tricked into providing your banking details, contact your bank and let them know.
- Open your antivirus (AV) software, if you have it, and run a full scan. Allow your antivirus software to clean up any problems it finds.
- If you’ve provided your password, change it on that account and on any other accounts that use the same one.
- If you’ve lost money, tell your bank and report it as a crime to Action Fraud, the UK’s national reporting centre for fraud and cyber crime.