The COVID-19 pandemic has put a lot of stress on people. Nowhere is this more true than in the small business arena. Small businesses, many of which were forced to suspend or severely alter their operations, are also dealing with cyberattacks. Let’s take a look at the effects COVID-19 has on small businesses regarding cybersecurity.
It Was Bad Before, Now It’s Worse
Before this whole COVID-19 mess, there were a lot of different threats that businesses had to take into consideration. Now with the fear surrounding the pandemic, scammers have a lot of new ammunition to use to try to steal access and data. The problem is that with everyone distracted, people are being less vigilant and it’s creating more victims. Threats include:
- Phishing attacks
- Distributed denial of service attacks
- Man-in-the-Middle attacks
- Network based user threats due to negligence or sabotage
Any of these can work to undermine your business’ network security and cause major problems from operational disruption, a loss of reputation, data theft, and even the unthinkable: a ransomware situation.
Any of these threats can undermine your business. Here are two of the direct problems businesses have been seeing during the COVID-19 pandemic:
It’s a shame that business owners and decision makers are forced to deal with these kinds of problems when their attention should be on sustaining their business’ operations. Scammers don’t care that this situation is stressful enough. They have been setting up websites that spoof legitimate ones and people have fallen for them. They have set up sites spoofing government websites, businesses, banks, and more. Here are a couple things you should keep in mind to not fall victim to these sites.
- Check the URL – While a fake site may look just like the real thing, the URL will not. You need to move deliberately online when sensitive personal, medical, or financial information is at stake. Simply running your mouse over any links or buttons can expose spoofed websites and keep you from being a victim.
- Use Ad Blockers – As simple as any solution there is, is to use ad blockers. These browser extensions can go a long way toward keeping you off spoofed websites and on the legitimate path.
Email and Text Phishing
If you are a regular reader of our blog, we discuss phishing all the time. It is currently the number one threat to people online, and therefore, the biggest threat to businesses, too. Phishing tactics are known to adjust, and during the COVID-19 pandemic they’ve done just that, attempting to use the pandemic as a way to gain access to computing networks. With over three billion phishing emails sent every day, it is essential for any decision maker to make phishing training (and testing) a priority for your organization. It will pay huge dividends if that knowledge can keep your business from dealing with the litany of problems that come from being successfully phished. Here are two things you need to drill your team on:
- Confirm the Sender – The only way a phishing attempt is successful is when the person receiving the message interacts with it. Your staff needs to know that an email has come from a legitimate source before they interact with it, period.
- Don’t Click on Links and Attachments – Phishing emails and messages require the user to take action. If there are links or attachments sent in an email, users have to know they are interacting with a reliable email before clicking on anything. It’s so important to not click on links or open attachments when you don’t already know where the message comes from.
Unfortunately, cybercrime will be here a whole lot longer than COVID-19. That’s why it is essential that your staff is trained and understands the risks of allowing unauthorized entities onto your network. If you need help putting together a cybersecurity strategy, or you would like to talk to one of our knowledgeable technicians, call Catharsis Managed IT Ltd today at (416) 865-3376.