833-847-3280
Schedule a Call

Social Engineering, Fraud, and Hacking During COVID-19

Fraud

Instances of social engineering, fraud, and hacking are rising during the COVID-19 pandemic.

Stimulus Check Fraud

One such fraud case is related to the stimulus checks that are being sent out to citizens of the United States.  The individuals may receive paper checks in the mail. The monies may be put in as a direct deposit if the IRS has updated information.

The IRS created two sites for people who have not provided information on their 2019 taxes.  One is for people to submit direct deposit details.  The other is for people who are considered non-filers, meaning their income is below the threshold required for filing tax returns.

Like many government or banking websites, to verify one’s identity, people must use certain data such as date of birth and Social Security numbers as identifiers.

Consequently, that means everyone must be on the lookout for fraudulent sites that are posing as an IRS website.  Additionally, there will likely be emails, letters, phone calls, and text messages asking you to provide sensitive information or routing you to a fraudulent website.

While people are unemployed or underemployed during the pandemic they become a high target for hackers, as they are desperate and more likely to  click and share data blindly.  As the old saying goes “If it sounds too good to be true, it usually is.”

Hacking remote workers’ devices

As many companies have moved offsite and employees are working from home, that has introduced new vulnerabilities.  IT teams have a hard-enough time protecting a company’s network, now they are struggling with an employees’ personal network.  Some employees are not that computer savvy and they struggle to ensure they have a secured modem and router.  Most have never updated the firmware on such devices to ensure minimum security measures are taken.

Additionally, VPN connections often introduce weaknesses.  Since most VPNs are in a continual usage mode, there is little time to update VPNs, especially when IT teams have been working around the clock to ensure employees can continue working.

Social Engineering remote workers

If hacking devices wasn’t bad enough, hacking an employee occurs more often.  This is where the social engineering and phishing comes into play.  Attackers send emails with either malicious attachments, or links asking employees to sign in to gather pertinent information, such as an invoice.  The malicious attachments often have ransomware that lock up a device’s hard drive.  This tactic has been queuing in on hospitals recently.

Another tactic is to send out an email asking employees to provide sensitive information.  The hacker will send out a bogus login page for office 365, as an example.  Once the victim attempts to log in, the attackers can harvest their credentials.  The credentials will be used later when the attacker feels it will be more profitable.

The best thing we can all do is be vigilant and look for ways that an attacker might gain access.  Whether that be through devices or an employee giving them the keys to the kingdom unexpectedly.  As it’s often said with the pandemic, “we’re in this together” takes on a new meaning in the cyber world.

Latest Posts

A transparent image used for creating empty spaces in columns
As technology evolves at an unprecedented pace, artificial intelligence (AI) has emerged as a transformative force in cybersecurity. Organizations now use AI to detect and respond to threats faster than ever, but this progress raises an important question: is the human factor still relevant in…
A transparent image used for creating empty spaces in columns
In the complex world of cybersecurity, simple strategies can often make a big difference. One of the most powerful ideas in protecting your organization from cyber threats is as straightforward as it sounds: don’t leave the front door open. Picture this: your company’s network is…
A transparent image used for creating empty spaces in columns
With the rise in cyber threats, data breaches, and evolving regulations, cybersecurity risk management has never been more crucial for businesses. Today, companies are more connected than ever, and every device, user, and application potentially opens a new path for cybercriminals to exploit. From ransomware…
A transparent image used for creating empty spaces in columns
 In today’s increasingly digital world, more businesses are operating entirely online with remote teams and cloud-based infrastructures. As these companies grow, so does the importance of cybersecurity. One question we often get is: “Can online companies get penetration tests?” The answer is a resounding…
A transparent image used for creating empty spaces in columns
In today’s education landscape, cybersecurity is more critical than ever. Schools are no longer just places of learning; they have evolved into hubs of digital information, housing vast amounts of sensitive data. From student records to financial information, the risk of cyberattacks has become a…
A transparent image used for creating empty spaces in columns
 In today’s digital landscape, cybersecurity is not just a luxury but a necessity. As businesses increasingly rely on technology, the importance of safeguarding sensitive data has never been greater. However, for many small and medium-sized businesses (SMBs), the costs associated with cybersecurity services, particularly…
contact

Our Team

Name(Required)
This field is for validation purposes and should be left unchanged.
On Load
Where? .serviceMM
What? Mega Menu: Services