Using Covid-19 to lure you:
The easiest and most common method for cybercriminals to get your personal information is by luring you with topics that interest you. Lures trick victims into clicking malicious links. Covid-19 has served as a topic that appeals to vast populations, making it easy for cybercriminals to trick individuals into clicking links. Once one of these malicious links have been clicked, the hackers attack will commence, and will steal personal information which the criminals will promptly exploit.

Lures are often disguised as companies or agencies that you would recognize the name of, but likely aren’t familiar with in terms of what their website looks like or what their emailing policy is. They often will use email or SMS messaging as the source of their
link. Lures will use clickbait. Not only will they pretend to represent a health agency you may
be familiar with but they will also advertise things you want to read such as ‘record low Covid-
19 numbers’ or ‘cure breakthrough’ or other forms of clickbait which strike your interest and get
you to click.

Historically, a classic cybersecurity tactic is the: ‘Congratulations! You’ve won [X] number of
dollars’ or ‘Congratulations! You’ve won the latest iPhone!’. People like free stuff, and during
Covid-19 this exact method has been used by telling individuals that they have money ready to
be received from the government. All they need to do is click the link and input their personal
financial information. This isn’t just speculation, the Canadian Centre for Cyber Security
(CCCS) has reported that a SMS campaign was launched in an attempt to trick individuals into
thinking they were receiving their Canadian Emergency Response Benefit (CERB) when truly
they were only receiving malware or a malicious link.

How working from home has made you vulnerable:
We often take the IT guy for granted, but there is a reason all large businesses have one or even a
team of IT specialists. When working from home, you are putting yourself at greater risk by
using personal devices rather than work devices. Even if you brought your work devices from
home, your network itself may be vulnerable to exploitation.
The growth in video calls has also made the sudden emergence of fake video chatting programs a
reality. Even trusted programs such as Zoom have received criticisms for its inability to avoid
cyber espionage.
If you are working from home and have access to an IT specialist, ask them how you can remain
secure at home.

Healthcare held hostage:
The demand for reliable healthcare around the world is at an all time high due to Covid-19.
Medical research facilities and hospitals need to act quickly in order to get patients the treatment
they need while researchers need to work long shifts in order to find breakthroughs in treatments
and vaccines. Cybercriminals are aware of this, and as a result, have been targeting hospitals and
medical research facilities with cyberattacks. By using the methods above, cybercriminals will
upload ransomware. Ransomware is a specific type of malware which locks users out of the
programs they to access in order to do their job. Rather than stealing the information, these
cybercriminals hold the programs and information hostage until they receive the payment they
asked for. Medicals research facilities in the UK, US, France, Czech Republic, Spain, and
Portugal have been affected by these attacks, and attempts have been made during the pandemic
to lure Canadian Provincial Health Agency into receiving ransomware.

So, what can you do? For starters, avoid suspicious links you receive in your email or on your
phone through SMS. Remember: If you aren’t sure, it doesn’t hurt to be safe. Make sure that
when you are working from home, you are working on protected devices and on a secure
network. If your work has an IT specialist, consult them. As for healthcare being targeted, the
most an individual not related to that field can do is spread awareness and practice secure usage
of the internet.
For quick tips on what you can do from home to increase your cybersecurity, click here.