Protecting against Cyber Scams during the COVID-19 Pandemic
Extra caution is needed as uncertainty, remote work and COVID-19 scams compromise the security of your personal information.
During this unprecedented time of upheaval and uncertainty, millions are working from home and sheltering in place, including digitally-active children and adolescents home from school. This leaves many more hours each day for internet activity, elevating the risk of falling victim to cyber scams. In fact, the U.S. Federal Bureau of Investigation and other government agencies are already observing and warning against a significant rise in such schemes.
Extra vigilance is needed in this environment to protect yourself, your family and your assets. This includes re-familiarizing yourself with cybersecurity best practices, including the below strategies, which have become crucially important during this period.
- If possible, separate your network so that your company devices are not running on the same WiFi instance as your personal devices.
- Keep your mobile devices with you at all times, and store them in a secure location when not in use. Set auto log-out on your computer so that your machine locks if you walk away and forget to log out.
- Limit access to your work device. Only the approved user should use your work computers – not family and friends.
- Use only company-approved and vetted devices and applications to collaborate and complete your work. Do not be tempted by shortcuts, personal software favorites or new data sharing tools that have not been approved by your company.
- Update your software. Before connecting to your corporate network, confirm your devices are running the most current versions of software. Updates often include important changes that improve the security of your systems.
A Warning from the World Health Organization
Several news outlets have reported that elite hackers tried to break into the World Health Organization’s (WHO) data systems earlier this month. Although the attempt was unsuccessful, WHO Chief Information Security Officer Flavio Aggio said that the identity of the hackers was unclear and warned that hacking attempts against the agency and its partners have soared as they battle COVID-19. This activity is not limited to attacks against the WHO and other agencies; the WHO has warned that hackers are also targeting individuals by posing as the agency in attempts to steal money and sensitive information.
- Do not reveal personal or financial information in an email. In fact, do not even answer email solicitations for this type of information. This includes following links or opening attachments sent in email.
- Pay attention to website URLs. Malicious websites may look identical to legitimate sites, but their URLs may use a variation in spelling or a different domain (for example, “.com” instead of “.net”).
- If you are unsure whether an email request is legitimate, verify it by contacting the company directly using information provided on an account statement – not in the email. You can also visit the Anti-Phishing Working Group (APWG) to learn about known phishing attacks or report phishing.
- Follow the cybersecurity golden rule: If you did not ask for it, do not respond to it. You can reach charity and government sites directly should you need to.
- Be on the alert for “Vishing” scams, phone calls asking for personal financial information or donations to charities. Although not technically a “cybercrime” these scam phone calls are a form of social engineering and attempts to commit fraud.
- Talk to your family members about cyber scams, phishing, and “fake news.” It’s important that both your children and your older relatives understand the risks during this time. This includes avoiding clicking links in emails as well as “news stories” posted on social media. Use legitimate news sources for your information rather than clicking on unknown links.
- Keep your internet router and your home internet-enabled utilities, such as your security system, internet-enabled televisions, thermostats, gaming systems, etc. secure. Turn off the “WiFi” on devices that do not need to connect to the internet, and monitor your router’s connections to ensure there are no unexpected or unknown devices.
- Track your credit activity online by checking your bank statements, credit accounts and credit reports. You can review your credit reports for free by visiting https://www.annualcreditreport.com/.
For more recommendations on improving your personal security, contact your Northern Trust relationship manager or visit the Northern Trust Security Center.
Staying One Step Ahead
 For example, see FBI Sees Rise in Fraud Schemes Related to the Coronavirus (COVID-19) Pandemic and the United States Department of Justice, Report COVID-19 Fraud.
© 2020, Northern Trust Corporation. All Rights Reserved.
LEGAL, INVESTMENT AND TAX NOTICE: This information is not intended to be and should not be treated as legal advice, investment advice or tax advice and is for informational purposes only. Readers, including professionals, should under no circumstances rely upon this information as a substitute for their own research or for obtaining specific legal or tax advice from their own counsel. All information discussed herein is current only as of the date appearing in this material and is subject to change at any time without notice. This information, including any information regarding specific investment products or strategies, does not take into account the reader’s individual needs and circumstances and should not be construed as an offer, solicitation or recommendation to enter into any transaction or to utilize a specific investment product or strategy.