“In March, when people all around the world were not going back to their workplaces, there were many businesses trying to give access to their corporate network, allowing people to connect into their business via personal devices,” leading cybersecurity expert and Global CTO for CrowdStrike, Mark Sentonas, told nine.com.au.
“They don’t know what security is there … this creates a perfect environment for scammers.”
According to the report, more than 80 per cent of businesses plan to continue remote working once coronavirus restrictions ease.
Mr Sentonas said this presents a “huge problem”.
“We’re seeing examples of attacks where scammers are using ransomware,” he said.”It’s one of the biggest areas of growth when we look at cyber attacks because there is just so much money to be made.”
A decryption key is promised once the ransom is paid.
“It’s not always guaranteed that you get it and it’s not always guaranteed that it will work, but people in a panicked situation are likely to pay that ransom,” Mr Sentonas said.
Mr Sentonas said it is important to not pay the ransom; your data may not be restored and the funds are supporting criminal groups.
Coronavirus a ‘perfect business opportunity’ for scammers
“Something like this is the perfect business opportunity for scammers,” Mr Sentonas said.
“They typically will look for any opportunity to prey on peoples’ fear, to prey on the fact that there is so much concern about what is going on and access to information.
“You get a situation like COVID-19 and suddenly you’ve got this huge opportunity that they’re using to try and scam people.”
Phishing has become a common scam technique, where attackers impersonate a reliable source through text messages and emails to steal your information.
“Scammers are pretending to be from real and well-known businesses such as banks, travel agents, insurance providers and telco companies, and using various excuses around COVID-19 to ask for your personal and financial information, lure you into opening malicious links or attachments, gain remote access to your computer, seek payment for a fake service or something you did not purchase,” Scamwatch said in a statement.
Mr Sentonas said the best way to protect yourself is to be cautious.
“Always doubt and verify,” he said.
“Don’t click on links. If someone sends you an offer or asks for your bank details – you’re not going to get that through a text or through an email.
“Call your bank or the relevant service provider.”It may take a couple of minutes of your time to do that check, but it may also save you thousands and thousands of dollars.”
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.