The UK’s intelligence agency is urging the public to follow online safety advice as criminals exploit the coronavirus outbreak to target individuals with malicious emails.
Using fake emails supposedly sent from the NHS offering important updates on the spread of the virus, hackers have been sending out malware in emails with clickable links, potentially putting private data at risk.
The NCSC has produced guidance designed to help people detect phishing emails, advising people to look out for bad spelling or grammar, the legitimacy of the senders name and a warning never to share any form of information through emails of this kind.
Director of operations at the NCSC, Paul Chichester, said: “We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the coronavirus outbreak.
“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails.
“In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”
The company has been working to remove malicious sites after seeing an increase in the registration of webpages relating to the coronavirus, suggesting cyber criminals are taking advantage of the outbreak.
- Shameless Hackers Exploiting Coronavirus Fears With Scam Emails
- Increased Demand on Internet Services Not an Issue, say Broadband Firms
- Coronavirus Advice Helpline Set Up for Scottish Businesses
Cybersecurity specialist Jake Moore told informationsecuritybuzz.com: “The spread of fear is just as contagious as COVID-19 and people are falling for these scams in panic mode.
“Cyber criminals are relying more on social engineering, which is the practice of deceiving or manipulating someone. Right now, this tactic is proving very popular; people feel they have limited time to research the background and validation of sites.
“Panic is a psychological feeling that threat actors use widely, especially when there is a pandemic.”
An NCSC spokesperson said: “These attacks are versatile and can be conducted through various media, adapted to different sectors and monetised via multiple means, including ransomware, credential theft, bitcoin or fraud.
“Continued global susceptibility to phishing will probably make this approach a persistent and attractive technique for cyber criminals. Moreover, if the outbreak intensifies, it is highly likely that the volume of such attacks will rise.”