Get All Access for $5/mo

How Hackers Take Advantage of a Crisis The threats are real, especially in today's climate.

By Brook Zimmatore Edited by Jessica Thomas

Opinions expressed by Entrepreneur contributors are their own.

Westend61 | Getty Images

While people are focused on maintaining their physical and fiscal health, there's another threat they're likely not considering — a digital one. It should come as no surprise that cyber criminals are taking advantage of current events to profit, but companies and individuals need to do more to protect themselves. It's time to ramp up your cybersecurity efforts to protect your data and users.

The most common exploits against businesses are as follows:

  • Phishing with crisis-related content

  • Ecommerce fraud leveraging "in-demand" wholesale products

  • Pandemic-related phone scams

Tried-and-true phishing scams are just one method that scammers employ. When victims open their inboxes to see messages purportedly from their financial institutions or even employers, they want to act quickly to avoid any unwanted consequences. However, the links in those messages bring phishing victims to sites that imitate those institutions — sometimes shockingly well. When the victim types their credentials into the login form, they are not signed into a trusted website. Instead, their information is sent to the scammer who can then access the user's account, including private and financial information, on the legitimate website.

Related: The One Cybersecurity Risk You're Probably Not Even Thinking About

Cyber criminals use email for another type of attack, one in which they purport to be from a medical organization such as the World Health Organization or the Johns Hopkins Center for Systems Science and Engineering. Although both organizations are legitimate and have been tracking the global health crisis, these emails do not contain the helpful information that the recipient might expect. Rather, the attachments contain malware that infects the victim's computer. These infections can track the victim's computer usage, steal sensitive data or use the infected system to spread to other computers, as was the case with malware known as AZORuIt that began circulating in early February 2020, Proofpoint reports.

In some instances, the malware might hijack the user's system until they pay an exorbitant fee to "unlock" their data. Of course, there is no promise that cyber criminals will make good on their word or that the malware will be fully removed from an infected computer. However, many victims are willing to pay the price because they lack backups or the tools to restore the data themselves. The risk of malware is even greater with so many people now working remotely to promote social distancing. Employees transfer others' sensitive data from devices and over connections that may have more vulnerabilities than company devices and systems.

Related: Five Ways To Protect Your Company Against Cyber Attacks

Where do these attacks originate? Cybersecurity firm FireEye has detected increased activity in China, North Korea and Russia, and users in the U.S., Europe and Iran are frequent targets. Research shows a spike in domain name purchases that relate to current events since late February — domains that could be used in phishing attacks — according to research by Recorded Future.

These cyber criminals don't even need to be skilled and experienced programmers, either. Resecurity, an American cybersecurity company, reports that one Russian hacking forum, XSS, even sells "phishing kits" that would-be scammers can deploy against their targets for just a few hundred dollars. That's a small price to pay for the potential payoff.

Related: 4 Tips for Keeping Your Data Secure While Everyone Works From Home

Although the World Health Organization has released an advisory about these cyber attacks, most people are concerned about the risks of the illness in the physical world. IT teams and companies have worked to increase awareness of these attacks, but it might already be too late for people who have fallen prey to such scams. These digital infections can take hold before anyone is aware.

Your final checklist of what to look out for:

  1. Fraudulent emails, seemingly coming from your bank, or healthcare provider asking you to take action via the email (log-in, open attachments, etc.)

  2. Offers or opportunities to acquire in-demand solution products for resale

  3. Unusual "opportunities" being proposed

  4. Phone scams from the government or other industries

Be safe out there.

Brook Zimmatore

Entrepreneur Leadership Network® Contributor

CEO of Massive Alliance

Brook Zimmatore is a media and publishing technologist, entrepreneur and author. He specializes in building technology for people and publishers that improves the information provided in the media.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Leadership

7 Telltale Signs of a Weak Leader

Whether a bully or a people pleaser who can't tell hard truths, poor leadership takes many forms.

Franchise 500 Annual Ranking

50 Franchise CMOs Who Are Changing the Game

Get to know the industry's most influential marketing power players.

Thought Leaders

6 Tips From a Clean Beauty Entrepreneur

Sarah Biggers went from a newbie in the natural beauty space to a pro in just a few years. Here are six things she wishes she'd known at the beginning.

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Marketing

5 Critical Mistakes to Avoid When Giving a Presentation

Are you tired of enduring dull presentations? Over the years, I have compiled a list of common presentation mistakes and how to avoid them. Here are my top five tips.

Science & Technology

5 Rule-Bending AI Hacks to Make Your Mornings More Productive and Profitable

By 2025, AI will transform productivity by streamlining workflows and cutting costs. Major companies like Microsoft, Google, and OpenAI are leading the way, advancing AI into "Phase 3," where tools act as digital assistants. Discover 5 AI hacks to boost efficiency and redefine your daily routine.