Cybersecurity Countermeasures in the Wake of Ransomware Attacks

The following blog post is an open letter to every Endsight customer, sent recently. We are providing this for public consumption to benefit the business community and anyone who has a current or future relationship with Endsight.

From: Mike Chaput

To: Endsight Customers

Subject: Cybersecurity tips pertaining to COVID-19 exploits

It pains me to write this email. Of all the things you have to be worried about right now, cybersecurity SHOULD be on the bottom of the list. Unfortunately, it is not! Hackers are exploiting the situation. In fact, data shows they are actually ramping up attacks in the wake of the crisis. Many of these attacks are through phishing scams, but not all. There are spoofed medical and COVID-19 websites that will load malware and viruses on your computer and reports of phone scams. Hackers are also taking advantage of remote workers who are now working from less secure home networks and personal workstations.

While the ethical implications of this are unfathomable, computer users everywhere need to remain vigilant.

Here are some tips to keep in mind now and always!

1. Never assume all the links in a Google/Yahoo/Bing search are safe.
2. Think before you click anything: Nothing can substitute for simply approaching every link as if it is surely a virus unless you can verify it’s not. Even the blog link I put at the bottom of this email should create an immediate sense of caution. This very email could be an elaborate phishing ruse.
3. Hover over the link to be sure it’s actually going to the intended location.
4. Refuse to open attachments or click links from untrusted sources.
5. Verify attachments and links with an alternative communication form like text or phone.
6. Never transfer any kind of money or gift cards without verifying with the source. Use text, or phone call to verify, but never the email address making the request as it could be compromised.
7. Be extremely cautious when giving any personal or other information requested.
8. Keep your home workstations patched. The machine that your family uses could pose a threat. Turn on automatic updates for any workstation in your home environment that we do not manage for you.
9. Make sure antivirus (AV) is up to date. We take care of this on your work machine, but your home workstations are just as important during times like this. Check your AV subscriptions to make sure they haven’t expired and renew them if they have.

Below is a great blog article with some more information as well as specific examples of Phishing scams.

https://blog.knowbe4.com/piling-on-exploiting-the-coronavirus-for-fraud-and-profit

Stay safe from both physical and computer viruses!

Mike

Related resources:

How to Protect Yourself from a Social Engineering Attack

Password Security Trends and Best Practices