Beware of opportunistic phishing campaigns

Almost two thirds of organizations have encountered a phishing attack so it’s a good time to make sure everyone is aware of the risks associated with phishing. What do we recommend?

  • First check the sender – it doesn’t matter if the message comes across SMS, social media instant messenger or email. Know who the sender is before you click the link.
  • Second, look out for scams – make sure you aren’t being redirected to pages that are asking for your log in credentials or asking for donations or money.
  • Third, when in doubt, go direct – sometimes it’s best to just got direct to the website or contact the sender out of band to make sure that you are keeping your own personal privacy and data secure.

covid-phishing

More information on Coronavirus scams can be found here.

Don’t get tricked into downloading suspicious apps

In times like this, conflicting information and scare mongering can lead users to seek out information. Hackers are taking advantage of this by launching apps that pose as Coronavirus tracking apps but are designed to track users. One particular example is Coronalive 1.1. This app never made it onto official app stores but it was available for sideloading.

  • Only download apps from trusted sources: apps from third parties have not undergone security checks and are more likely to have malicious functionality or vulnerabilities.
  • Check the reviews and developer information: are there telltale signs the app is not built for the purpose? Many basic apps are created for the sole purpose of gaining user data
  • Only grant necessary permissions: calculator apps should not be asking for access to the photo library, use common sense and be conservative.

Protect yourself on public and home Wi-Fi

Public Wi-Fi presents a serious privacy risk when a Man-in-the-Middle (MitM) attack occurs.

  • Be cautious on public Wi-Fi: If you must use it, ensure you aren’t entering any sensitive information, such as passwords or credit card details because it is incredibly easy for third-parties to “sniff” unsecured network traffic and harvest these details

Home Wi-Fi networks are not always secure networks either.

  • Configure you home Wi-Fi security: There are multiple options your router might support when it comes to wireless encryption. WPA2 is currently the best available encryption standard and should be compatible on most modern routers. Log in to your router’s administrative portal to ensure it isn’t using older and less secure encryption schemes such as WPA or WEP.