As the COVID-19 pandemic continues to threaten the health of people across the globe, many are taking precautions to stay safe. But taking precautions online may not be at the forefront of people’s minds.
Whether it be messages offering fake information from the Center for Disease Control and Prevention or fake government emails asking for personal information, cybercriminals are taking advantage of the pandemic to target people.
Jeff Barrington, assistant vice president for IT and information security officer at Tech, said cybercriminals will send messages with malicious links asking people to donate to a cause during the pandemic.
“But if you look, some of the same things that are always true are true here,” he said. “The return email address is not a known entity. There are some that we see talking about buying protective masks, personal protective equipment, things like that that are targeting folks to buy those, and then they go to a malicious website.”
If one is looking for information about COVID-19 or are wanting to donate to causes providing support during the pandemic, Barrington said one should find credible entities and websites. People should not click on an unknown link they find on social media or in their email.
Sam Segran, chief information officer and vice president for IT at Texas Tech, said selling fake COVID-19 cures and test kits is another method cybercriminals are using to target people.
“Some of those may be sites that are set up just to get information, like financial information or people’s credit card information,” he said, “or they could also be sites set up for gouging in terms of where they might have procured some items, and they’re turning around and selling it at humongous increases.”
In addition to these methods, Segran said cybercriminals may implement malware in these sites. Through links that showcase fake news about COVID-19, cybercriminals may spread malware.
It is very important for people to depend on legitimate sources, Segran said.
“Look at the URLs and make sure that it is the CDC site or the TTU site or a federal government site,” he said. “Any of these, you have to be careful. One little space or one little character is enough for it to go somewhere else.”
When one gets an email, Segran said he or she should verify the username along with the actual email. On social media, one should avoid clicking on short URLs because they can take a person anywhere on the web.
“I think that my biggest thing is, outside of the email, is social networks is what people need to be careful about,” he said. “During times like this, there’s a lot of communication going on social networks, such as Twitter, Facebook and things like that.”
Regardless of the types of methods cybercriminals use, there are variety of ways a person might try to protect themselves online.
In addition to utilizing the same cybersecurity practices the IT department tells people use, Barrington said there are other ways to protect one’s online presence.
“Some of the same basic, same cybersecurity practices that we always ask folks to do and continue to do things like make sure your systems are up to date on your applications and devices,” he said.
For those at Tech who need assistance with implementing cybersecurity while working remotely, Segran said one should visit https://www.depts.ttu.edu/infotech/learning-teaching-working-remotely/?1.
“Daily, we’re adding more things to that site, and some of those are based on, sometimes, things that we have observed or, sometime, they are questions people have asked,” he said. “We are continually tweaking the information on that resource page.”