Staying safe digitally during the COVID-19 outbreak
SecureLink and Orange Cyberdefense’s CERT* has witnessed an increase of attacks using COVID-19 as a lure during these past few days. These are some basic security measures to stay safe if you are working from home.
Why is the risk of being attacked greater during the COVID-19 epidemic?
Cybercriminals take advantage of crisis and confusion. For example, when Notre Dame de Paris cathedral burned last year, hackers created fake-donation campaigns to steal citizens’ donations.
Thus, since the beginning of the COVID-19 epidemic, SecureLink and Orange Cyberdefense’s CERT have witnessed an increase of attacks using COVID-19 as a bait. Hackers use mostly:
- E-mails: cybercriminals use the name and layouts of known services (administrations, banks, international organizations, etc.) to trick the user into clicking on a link or downloading an attached malicious file.
- Fake websites, fake news, fake maps showing the propagation of the disease, fake remote apps: they look like legitimate websites but are fraudulent copies. They trick the users into giving their personal information and/or into clicking on a malicious link and/or into downloading malware (sometimes without even knowing it).
We recommend staying alert concerning any suspicious demand.
How to detect fraudulent communication (email, SMS, instant messaging, social media…)?
Common red flags that should alert you:
- the sender is suspicious;
- the name of the sender is not the same as the one used in the email address;
- the subject is unusual;
- the attached file is suspicious or unusual;
- the message is not (or very badly) personalized;
- syntax and spelling are wrong;
- the sender asks for personal and/or sensitive information;
- the demand seems urgent or promises a gift;
- the URL seems suspicious (to check this, you can move your mouse cursor over it without clicking);
- the visual aspect is suspicious.
COVID-19: how to react to a suspicious email?
Make sure to know the usual communication channel of your company (dedicated email address, the person in charge of communication, etc.). It is important to have a second communication channel (phone, instant messaging) that will allow you to verify the information and if someone in your company really sent it.
Check the authenticity of the message received, whatever the channel you receive it from: email, SMS, instant messaging, social media, etc. Elements to check are, in particular: the sender, the content of the message (spelling error or bad translation), urgent demand or unusual one… (see the previous question).
In case of doubt, we recommended to:
- never click on any link;
- never open or download attached files;
- check the information from an official website;
- send the e-mail to your internal security service.
If someone asks you about personal matters, about your health for instance, it is important to verify that the sender has the right to obtain such information (thus, you need to know quite well the processes of your company).
In case of doubt concerning actions taken (link clicked, website visited, file attached downloaded), even if you do not witness any abnormal activities, notify your internal security service.
Also, make sure to update your antivirus and operating system.
I have opened a suspicious email, what should I do?
If you have opened a suspicious attached file, disconnect your computer from the network (file and Wi-Fi). Inform your cybersecurity team right away.
I have given sensitive or personal information to a fraudulent website, what should I do?
If you have entered your credentials, you need to change your passwords (every app with the same login codes are concerned). Also, please contact your cybersecurity team as soon as possible.
I work from home during the COVID-19 epidemic. What should I do to avoid attacks?
Follow your company’s instructions concerning remote working, in particular: use the VPN access provided and follow the rules concerning Wi-Fi and Bluetooth. Deactivate wireless networks when not in use.
Remote working implies to use your professional mobile phone more frequently:
- apply all the updates required;
- only use apps authorized by your company;
- stay vigilant regarding applications’ authorizations. Limit them to those necessary for the app to operate.
All the experts of SecureLink and Orange Cyberdefense are mobilized to support you during these uncertain times. We hope that this advice will help you to work from home peacefully, allowing you to take care of yourself and your close ones.
*Computer Emergency Response Team