How damaging can a phishing email be? Recently, some of us became painfully aware of how the click of a malicious link in a single email can bring an organization to a grinding halt. The cities of New Orleans and Pensacola, as well as many businesses, were forced to take their systems offline after the discovery of a suspected ransomware attack.
An unprecedented challenge and a remote workforce
The COVID-19 pandemic brings an unprecedented challenge: How do you manage business continuity and reduce risk with a remote workforce? With the global shift to working from home, we are likely to see a corresponding increase in hacking and espionage attempts against U.S. corporations, businesses and governmental units.
For criminals, this crisis "offers a slew of new opportunities, and if there's one thing we know about cyber adversaries, it's they're adaptive and reactive," says Phil Reitinger, president and CEO of the Global Threat Alliance. "What COVID-19 gives the adversaries is an opportunity both to phish - to sort of weaponize the desire for information - and at the same time a new set of [prospective victims] to target." In this new environment, he recommends updating the patches for your computers and routers, using a virtual private network (VPN), if possible, and educating your employees on phishing dangers and prevention.
Last year the phishing crimes from Business Email Compromise had $1.7 billion in losses according the FBI’s IC3 Cybercrime unit. Now, the phishing campaigns leveraging references to the coronavirus are becoming rampant. For example, a phishing email offering a “Coronavirus Update” contained a zip attachment that was portrayed as offering stats and updates on the COVID-19. However, the attachment contained malware which would have infected a computer if opened.
It’s important to note that although Hancock Whitney may call clients for verification purposes or send product and promotional offerings via email, the company will never ask a client for passwords or their online banking credentials.
Remain vigilant as criminals increase activity during the COVID-19 pandemic
With many people working remotely, cybercriminals will prey on this circumstance knowing the security level has likely been decreased. Please remember not to approve any types of payments from emails without validation. Treasury Services offers you cybersecurity tips with our Five Red Flags of Wire Fraud reminding you on how to spot a wire fraud attempt. You can also access our complete cybersecurity information library here.
Another great resource is simply a phone call away: a Hancock Whitney Treasury Services Specialist is knowledgeable about banking security and can help you create a cybersecurity plan that’s best for your business and your situation. Talk with a specialist about cybersecurity today at 866-594-2304.