During the COVID-19 pandemic, we’ve seen people step up in amazing ways. Emergency-room staff are putting their lives on the line and working round the clock. Volunteers are bringing meals to older folks who are unable to leave their homes. Relatives of those at risk for getting the coronavirus have agreed to take care of their children to keep them from getting sick.
Tragically, however, there’s also a dark side to this crisis: Internet hacking is in full force. Cybercriminals are aware that many of us are working from home, often on less-than-secure Wi-Fi networks. Many Americans are waiting for government stimulus money that serves as bait for hackers, and scammers have no compunction about playing on people’s fears about the coronavirus or the stalled economy.
United States, China and Russia Most Attacked
The United States is one of the top countries being targeted in cyberattacks but it is hardly alone. In early April, national governmental agencies in the U.S. and the United Kingdom issued alerts warning about “a growing use of COVID-19-related themes by malicious cyber actors.”
Microsoft, which has been mapping coronavirus-themed cyberattacks around the globe, has reported that China, the United States and Russia have born the biggest brunt of cyberattacks, although all 241 nations and territories have suffered at least one virus-related attack. Countries with the most COVID-19 cases are getting hit the hardest. According to Microsoft’s website, the volume of successful attacks in countries that have seen outbreaks is increasing “as fear and the desire for information grows.”
Some of the biggest hacks have been waged against healthcare organizations, such as the World Health Organization, the Gates Foundation and John Hopkins University. Some cyberattacks are state sponsored; last month, Wired reported that more than 12 government-backed groups are using the pandemic as cover to spy on adversaries.
Preying on the Vulnerable
Millions of Americans and people around the world are sitting ducks for hackers who see this pandemic as an opportunity to turn a profit and wreak havoc. There are several reasons why cybercrime is on the rise during the COVID-19 pandemic:
- As many people are trying to protect their health by sheltering in place, they’re spending a lot more time on the internet, such as working remotely and streaming. This often means connecting to a relatively unsecure network leaving them more vulnerable to cyberattacks.
- The U.S. government and other countries are sending to constituents trillions of dollars in stimulus and unemployment payments. To steal the money you’re owed, cybercriminals can plant on your computer malware that allows them to hack into your online bank account or steal your personal information and then convince the government to send your money to them.
- People can be easy prey for hackers when they are vulnerable and desperate. The pandemic has left people sick and bereaved. Many have lost their livelihoods and businesses, and so many are susceptible to clicking on an email or text that promises a false cure for COVID-19, a get-rich-quick scheme or some other scam.
6 Steps to Protect Your Data During the Pandemic
There are steps you can take to protect your personal information whether you’re working, streaming, or shopping or banking online. Here are 6 tips you should follow:
1. Ignore too-good-to-be-true offers.
Chances are, you’ve been sent emails or notifications that promise a way to get vaccinated for the coronavirus (no vaccine has yet been made available to the public) or receive a test kit (there’s only one test that is FDA-approved). Fraudulent emails often appear to have been sent from health organizations such as the Centers for Disease Control and Prevention or the World Health Organization. If you can’t verify that these messages were sent by a legitimate source, delete them immediately.
2. Be wary of fake domains and apps.
The pandemic has given rise to fraudulent website domains that appear to offer information about coronavirus vaccines, supplements and treatments and entice you to click on a link or download an app. Carefully inspect these URLs. Some will appear to be from a trusted source but will replace a letter or two to disguise it. You can also conduct an internet search on the source name. (If you include the word “scam” in the search it can reveal whether it is one.) If you’re still not sure that a source is legitimate, contact the organization directly. Only download apps from legitimate sources such as Google Play Store or Apple Store.
3. Use strong passwords.
Be vigilant about assigning and storing secure passwords. This is one of the most effective methods to keep your data safe. Passwords should be strong and unique. Of course, don’t store passwords on your computer. Instead, encrypt your passwords with password-manager software.
4. Install antivirus software and keep it updated.
Make sure you’re using antivirus software to protect your computers and devices against viruses, malware, spyware and ransomware. Keep this software up to date to ensure that “tears” have been repaired so hackers can’t sneak through.
5. Use a virtual private network or VPN.
One of the best ways to protect your data is with a VPN. A VPN acts as a virtual “tunnel” to hide all data entering or leaving your computers and devices from hackers, your internet service provider (ISP) and the government. Don’t sign up for a free VPN - it likely will use your personal information for advertising purposes - and be sure to download your VPN app on all your devices and use it whenever you’re online. The best VPNs have a no-log policy that ensures no one can see your data, not even the VPN provider.
6. Establish security policies for remote employees.
The National Cybersecurity Alliance urges companies whose employees work remotely to institute security policies and guidelines. Organizations should communicate these policies to remote workers and make sure they know how to report suspicious online activity to IT departments.
Of course, these steps will help keep your data safe even when we’re not in a pandemic. So when we get past this crisis, keep them in place so you can continue to protect your data from hacking and identity theft.