The Australian Competition and Consumer Commission reported that last year Australians lost $176.1 million to scams, 23.1% more than 2019*
For years, scammers have been exploiting major crises, using vulnerabilities as opportunity, and the events surrounding COVID-19 have advanced these level of cyber attacks.
Whilst many organisations have security tools and protocols in place to protect their data, cybercrime often occurs through human error with situational factors used as a method to deceive even the most security aware.
Email and text messages with a variety of subjects are most commonly used to deliver phishing attacks. Now, as the world prepares for the rollout of COVID-19 vaccinations, opportunistic scammers are using the topic advantageously and thus, vaccine related phishing scams are presently are the rise.
Furthermore, these cybercriminals are buying online domains similar to vaccine brand names, as well as online advertisements offering direct access to vaccines. These criminals closely monitor the news, tailoring their techniques and messaging to adapt to environmental factors and subsequently, gain from the crisis.
For organisations, regular reminders educating staff of the various type of exploits can help instil the right behaviours and mitigate cybercrime. To help you stay protected, we have constructed 7 simple tips to avoid opportunistic attacks:
- Reject offers from unknown sources – unsolicited SMS messages and email messages
- Check trusted sources directly by visiting the government agencies websites directly
- Be cautious of requests for personal and financial information
- Double-check links and email addresses before clicking or replying – many scammers mask their identity as a known internal resource. A simple review of the email address and hovering over any embedded links will present the true identity of the source
- Don’t be pressured into making decisions
- Don’t install or run any application from unknown sources
- When in doubt, ask a superior in your organisation if the communication is legitimate
Overall, robust security awareness training for the entire workforce is your best line of defense. It is prudent to invest in security awareness training to reduce the likelihood of a successful attack on your organisation.
Security aware users protect your overall security posture, and a strong human firewall acts as not only the last line of defence, but sometimes, the only line!
blueAPACHE works with industry best global vendors to ensure we deliver end-to-end security improvements, including training and awareness solutions.
If you would like further information regarding security best practice or guidance on how to implement a security awareness program, please contact our expert security consultants here
*Australian Competition and Consumer Commission n.d. Scam Statistics <https://www.scamwatch.gov.au/scam-statistics>