Skip to main content

4,000% increase in ransomware emails during COVID-19

#307 of 1611 articles from the Special Report: Coronavirus in Canada
A woman uses her computer keyboard to type while surfing the internet in North Vancouver, B.C., on Wednesday, December 19, 2012.
A woman uses her computer keyboard to type while surfing the internet in North Vancouver, B.C., on Wednesday, December 19, 2012. File photo by the Canadian Press/Jonathan Hayward

The COVID-19 pandemic has forced many people to work from home. But are you keeping yourself and your work cybersecure?

Scott Beck, of BeckTek in Riverview, said cyber criminals hope you aren’t, and they're out in full force. “The bad guys are really taking the opportunity to use COVID-19 and the coronavirus to target people,” he said in an interview.

David Shipley, CEO and founder of Beauceron Security in Fredericton, said many criminals are using COVID-19 as a lure, pretending to be from a company or organization that could contact you at this time, or just preying on people who are stressed or distracted by working at home and who click on something they wouldn't usually.

“We have seen a 4,000 per cent increase in ransomware emails and among my own clients, 53 per cent of inbound emails last month were junk phishing emails,” said Beck.

Shipley's company has seen similar trends.

Working from home? Be cybersecure: 'We have seen a 4,000% increase in ransomware emails'Working from home? Be cybersecure: 'We have seen a 4,000% increase in ransomware emails'

“We’ve seen about a 250 to 350 per cent increase [in ransomware-related attack attempts] in the last three weeks alone with COVID-19 themed cyberattacks. And at last count, there are 13,000 website domain names using some form of the name COVID-19 that are malicious websites,” he said.

If you're working from home and feeling out of your depth when it comes to technology - let alone cybersecurity - the experts have some advice to give you more control.

“‘The biggest thing is it's not about technology," said Shipley. "It's about putting people in control of technology, helping them be comfortable and understand that there are things that they can do to protect themselves and that they're the target, not the computer.”

You can prevent becoming a target by knowing the risks.

"The number one risk for most small and mid-sized, and even large organizations, is what's known as business email compromise or 'whaling'," said Shipley. "And that is the attempt to look like a CEO or executive, a person of authority, requesting a financial transfer, transaction, wire transfer. And those have jumped considerably.”

A cyber criminal might pretend to be your boss, creating an email address with just one letter different from your boss’ real email, said Shipley. The best defence for employers is to require a non-email method of confirming any transaction.

While whaling can happen at any time of year, Chris Johnston, CEO of Bulletproof, says it is heightened right now because of the conditions created by COVID-19.

For instance, your boss isn’t down the hall to double-check if something doesn’t look right. But if your Spidey senses are tingling, now is the time to listen, said Beck.

'Phishing' emails are also more common at the moment. “We’re seeing a huge increase in scams and bad actors that are sending out massive amounts of phishing emails, which are emails designed to elicit a response meaning they’ll create some urgency to it,” said Beck.

You can protect yourself by performing what Beck calls “The REST Test”:

'R' is a request for personal information, which should always be a warning sign.

'E' is for emotion. “If you get an email that says ‘click here or you’ll lose your benefits, open this attachment or we will kick you out of your apartment because you didn’t pay your rent,’ watch out,” said Beck.

'S' stands for spelling and grammar. "Sometimes the spelling may be awful or how the email is structured is not how someone would normally speak,” he said.

And 'T' stands for think before you click. "Hover over those links to see where they’re actually going," said Beck. "If it says it’s coming from the Government of Canada and you hover over the link and the website is different ... big warning sign.”

By now, many Canadians have heard about cases of ‘Zoombombing’, where someone enters an open Zoom meeting and intentionally causes an offensive disruption.

When using Zoom or other video-conferencing platforms, Beck, Shipley and Johnson all recommend using all of the available security features, such as requiring a password and using a virtual lobby.

However, said Beck, the effectiveness of these features is limited if you post a link and the password to social media, so different methods should be used to share these details with participants.

Another basic rule of thumb is that work computers should be used for work only, said Beck. Using them for other purposes could compromise the company's cyber-security.

It’s also not a good idea to send work emails from a personal account just because you're at home, said Johnston.

Passwords should be complex and if you are still using the default Wi-Fi password on your device, now might be a good time to change that too, said Beck.

Companies that are essential services should consider themselves at an elevated risk for a security breach right now and should make sure employees are aware of cyber-security protocols, said Johnston.

These companies' security is of concern for all Canadians because if the health-care or food supply chains are interrupted, it could affect everybody, he said.

“The risk is high for these companies due to their elevated level of importance to keep society and the economy going,” he said. “But the due diligence and best practices are the same as they were yesterday.”

Cyber-crime is only going to get worse over time, Shipley warned.

“It could be the fall before we see the second hammer of the digital side of this,” he said. “It's not too late to be proactive. Train your employees, train them on remote work, to set up security, because an ounce of prevention now will prevent a lot of pain in a couple of months.”

Comments