Case Studies

Virus: phishing reminder

by Mark Rowe

Remain vigilant and alert to phishing attacks during the Covid-19 pandemic to maintain information resilience, British Standards (BSI) is warning. The standards body points to the continued use of remote working, and cyber attackers using this opportunity to target businesses and their employees.

Several false web domains relating to Covid-19 have been registered and are being used to link to phishing and credential attacks. In the UK specifically phishing campaigns include BEC (Business Email Compromise) attacks whereby the attacker pertains to be a colleague or someone you know requesting a payment to be made. These types of emails can also include ransomware and malware disguised as links to click for further information on meeting notices or company updates. Additional emerging threats cover attackers that are mimicking charities, health bodies or business and financial supports.

Stephen Bowes, Global Practice Director, Security and Information Technologies, BSI Consulting Services, says: “We are living through an exceptional time at present with many employers focused on their staff’s welfare and business continuity. World events like Covid-19 provide vast opportunities for cyber attackers to infiltrate companies and gain user data such as login credentials or financial information. We are seeing attackers increase their presence due to the crisis and with many of the global workforce now working remotely. Most recently Interpol2 has alerted healthcare institutions of targeted ransomware attacks that have the potential to lock them out of their critical systems. Phishing is one of the highest causes for cybercrime and all online users, in work and at home, need to be alert as cases of fraud are rising during this time.”

“We want to urge employers and employees to remain vigilant and be aware of the increased risks and make sure you get your information from reputable sources. Don’t get caught off guard by clicking on links in emails and report any suspicious emails to the IT department. If in doubt about the legitimacy of an email that is requesting a payment or specific action, we would advise that you contact the sender by phone to get verification first.”

Visit bsigroup.com/cyber-uk.

Related News

  • Case Studies

    Corruption perceptions

    by Mark Rowe

    Corruption not only undermines the global health response to COVID-19, but contributes to a continuing crisis of democracy, says the anti-corruption campaign…

  • Case Studies

    Music Plus Sport dates

    by Mark Rowe

    The crowd management and event security contractors Showsec will be working with music promoter Music Plus Sport on five major events this…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing