Guidelines To Identify The Social Engineering Techniques Associated With COVID-19
Cybercriminals do not understand global health emergencies, they will take advantage of any situation from which they can obtain a benefit, such as the current one of COVID-19. Another factor to consider is the criticality of organizations dedicated to the health sector or any other essential sector, such as logistics or industry. The stress they are experiencing makes them a much more attractive target, and any cyber attack could be disastrous. Therefore, workers must know how to identify the threats that may affect their organization to safeguard its continuity.
Attacks Based On Social Engineering
Cybercriminals have mainly two methods to circumvent the security of organizations: using vulnerabilities or poor configurations, generally more expensive techniques; or attack employees using social engineering techniques. This second entry vector is one of the most widely used today to steal confidential information and distribute malware, with email being the preferred communication channel for cybercriminals.
Guidelines For Identifying Fraudulent Emails With Social Engineering Techniques
Fraudulent emails, either currently due to the COVID-19 situation or at any other time, follow the same guidelines. Knowing how to identify the signs of a social engineering attack will greatly reduce the risk of a security incident.
- Urgency: Urge potential victims to take a certain action, such as opening a link or downloading an attachment, as quickly as possible so that they do not have time to assess whether the communication is legitimate or not. They are generally associated with a negative consequence if the action is not carried out. This type of strategy is commonly used in phishing to bank entities, although it can be used with another hook such as COVID-19.
- Authority: This strategy is based on using entities, recognized personalities, or even members of the organization itself to force the user to carry out the malicious action. Some of the most widely used impersonations are:
Email Service And Office Tools.
State Security Forces And Bodies.
Banks or Internet Providers.
- Willingness To Help: Due to the current crisis, citizens feel the need to help others in everything that is within our reach. Therefore, cybercriminals will take advantage of this situation, alleging any need, and appealing to our willingness to help.
- Gratuity: Nothing is more striking than some free product or service, cybercriminals know this and constantly use this strategy. It is usually used in false discount voucher campaigns for supermarkets, although they can modify it and offer other products and services such as face masks, disinfecting gels, Internet, electricity, gas, etc.
Also Read: Cybersecurity Trends For 2020 And 2021
Other Factors To Check To Detect Fraudulent Emails
In addition to taking into account the above indications, special attention should be paid to other factors that serve to identify fraudulent emails.
- Sender: The first step to check is the sender of the mail, the address where it comes from must match the organization it represents. For example, an email from a government agency would never come from a free email account such as Gmail or Outlook. Cybercriminals can misrepresent this information so more factors should be checked.
- Attachments: Before any attached document precautions must be taken and all will be considered as potentially unsafe. The vast majority of entities never send attachments in their communications, unless they have previously reported it, such as an invoice. It is recommended never to open attachments with the following extensions:
.exe – The traditional Windows executable file.
.vbs – Visual Basic Script file that can also be run.
.docm – Microsoft Word file with macros.
.xlsm – Microsoft Excel file with macros.
.pptm – Microsoft PowerPoint file with macros.
- Links: Links can also be dangerous as they can redirect you to websites that spread malware or steal confidential information such as phishing. It will be checked if the website you are targeting is the one that appears in the text of the link before accessing it, and in the slightest doubt it will be checked with online tools, such as VirusTotal.
- Signature And Spelling: The absence of a signature in the mail or that it does not coincide with the entity it represents are indications that it may be a fraudulent email. Spelling should also be kept in mind as legitimate organizations often do not make spelling mistakes and their presence can also be a sign of fraud. The language used by cybercriminals is often used unnaturally, like a robot, with expressions that are not normally used.