{"id":5840,"date":"2020-03-13T02:51:04","date_gmt":"2020-03-13T02:51:04","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5840"},"modified":"2021-10-01T11:48:24","modified_gmt":"2021-10-01T10:48:24","slug":"coronavirus-scams-staying-safe-times-elevated-risk","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk","title":{"rendered":"Coronavirus Scams: Staying Safe in Times of Elevated Risk"},"content":{"rendered":"<p>Email phishing campaigns and malware through emails are nothing new, but when combined with something like a global coronavirus spread, the risk can be even higher\u2014adding significant digital risk on top of the physical risk of infection.<\/p>\n<p>It\u2019s common for phishing email and malware creators to capitalize on a current issue. After all, their job is to pique the interest of an end user enough to get them to open the email.<\/p>\n<p>At that point they might use a few different angles, depending on the campaign. During times like this it\u2019s critical you ensure your customers and their end users are aware of the types of scams going on. Make sure you have a communication plan to supply valid information to prevent your users from seeking other sources.<\/p>\n<p>For many years bad actors have employed spam, phishing, and spear phishing techniques for several end goals:<\/p>\n<ol>\n<li>Trick a user into clicking on a malware-laden attachment to infect the system. This allows an attacker to gain a foothold in a network to perform more reconnaissance and follow-on actions (including data exfiltration and ransomware deployment) within the environment.<\/li>\n<li>Convince a user to go to a website that will execute scripts to install malware for the same reasons as above.<\/li>\n<li>Masquerade as a charity and convince the user to donate funds or give their credit card number.<\/li>\n<li>Impersonate the company the user works for and trick them into giving up their credentials (such as creating a look-alike Office 365 login page to give access to a document).<\/li>\n<li>Craft the email to look like an invoice from a vendor or a message from an internal higher-up, convincing someone in accounting to pay the fraudulent invoice.<\/li>\n<\/ol>\n<p>Something as front and center as the coronavirus spread presents opportunities for widespread attacks anywhere in the world. As the\u00a0<em>actual<\/em>\u00a0virus spreads to more countries and cities, the population will be looking for up-to-date information, and a well-timed email might be all it takes for someone to fall for a scam and put their information (or the business they work for) at risk.<\/p>\n<p>According to an\u00a0<a class=\"ext\" href=\"https:\/\/www.wsj.com\/articles\/hackers-target-companies-with-fake-coronavirus-warnings-11583267812\" target=\"_blank\" rel=\"noopener noreferrer\">article<\/a>\u00a0by the Wall Street Journal, these scams started in January in heavily affected areas, and are likely to pick up as the threat of infection reaches more locales.<\/p>\n<p>Here are a few methods to look out for, as discussed in the article:<\/p>\n<ul>\n<li>Emails from state and local authorities with purported guidance on the situation in your region with attachments or links to other documents<\/li>\n<li>Communication from HR, internal officials, or even you (as the service provider to the company) that ask users to log in to view a document or has suspicious attachments<\/li>\n<li>Fake news notifications about someone infected in your area<\/li>\n<li>Emails regarding outstanding invoices from a vendor of medical supplies<\/li>\n<\/ul>\n<p>Especially now, as companies begin to institute work-from-home policies, employees who are not used to being in a home environment might be more tempted to click on an email or engage in risky behavior, because they are in a different setting.<\/p>\n<p>There are a few things you can do to help ensure your users practice safer email and online habits during these times:<\/p>\n<h3><b>Establish an official communication channel early and ensure that all users know the email address and format of the communications<\/b><\/h3>\n<p>Early on, when an event or issue arises that affects the entire organization or one or more regions your users are in, send out an email stating you\u2019re monitoring the situation and will send regular updates to the organization. State the timing of these notifications, and then ensure you follow that schedule so users aren\u2019t tempted to seek information elsewhere.<\/p>\n<p>Recommend a few \u201cvetted\u201d sites or resources that can supply them with legitimate information, and supply links to them in your communications as well. Most of these also offer guidance for staying safe in public as well as online. For coronavirus, a few of these are:<\/p>\n<ul>\n<li><a class=\"ext\" href=\"https:\/\/www.us-cert.gov\/ncas\/current-activity\/2020\/03\/06\/defending-against-covid-19-cyber-scams\" target=\"_blank\" rel=\"noopener noreferrer\">DHS<\/a><\/li>\n<li><a class=\"ext\" href=\"https:\/\/www.who.int\/\" target=\"_blank\" rel=\"noopener noreferrer\">The World Health Organization<\/a><\/li>\n<li>U.S. Centers for Disease Control and Prevention<\/li>\n<li>CNN, Fox News, MSNBC, and other major new outlets have a dedicated section on the coronavirus<\/li>\n<li>A local news website<\/li>\n<\/ul>\n<p>Regardless of what you supply, make sure you give this advice to your users:<\/p>\n<ul>\n<li>Only visit recommended sites or view the official communication emails.<\/li>\n<li>Do not click on links in other emails or open attachments from emails that reference the coronavirus outbreak, unless you can verify the sender.<\/li>\n<li>Carefully inspect the \u201cFrom,\u201d \u201cReply To,\u201d and signatures or text for misspellings and errors. Hint:\u00a0 if you click \u201cReply\u201d to an email, you can see the actual \u201cReply To\u201d email address at that point.<\/li>\n<li>Hover over links in emails to view the address the link will take you to. Shortened links and jumbled URLs are a risk as they can hide the actual website you\u2019re taken to.<\/li>\n<li>Never supply credentials to a site you accessed from an email, unless you are 100 percent sure the site is legitimate.<\/li>\n<li>Supply IT with any emails you receive that may be suspicious.<\/li>\n<\/ul>\n<h3><b>Give your users a way to report suspicious emails, communications, and potential compromise<\/b><\/h3>\n<p>Supplying a mechanism to allow users to forward emails to you will help you train them on what is legitimate and what isn\u2019t. It may add a little overhead to your time during events like this, but it will also help you spot trends in your customers\u2019 environments. If you see the same email delivered to multiple users and they report it, you can then send out a screenshot with examples to tell other users to avoid that type of email, since it\u2019s likely bad actors are targeting your domain. Additionally, if a user feels like they may have made a mistake, they can report this to you immediately so you can assess the risk based on their actions and give the proper advice\u2014like changing supplied credentials or looking for suspicious behavior on their laptop or device.<\/p>\n<h3><b>Ensure that endpoint security, email protection, and security controls are up-to-date and functioning across the environment<\/b><\/h3>\n<p>If you\u2019re considering allowing employees to work from home to prevent risk of additional spread of the infection, it\u2019s doubly important that you secure the assets the users are taking home. This means ensuring your email security solution is configured with proper settings. You\u2019ll want to prevent malicious emails from making it to inboxes and ensure all devices taken home have up-to-date endpoint security agents and definitions. It\u2019s also important to ensure users can access the work environment safely with VPNs or other remote access tools that are protected with two-factor authentication (2FA).<\/p>\n<p>Finally, make sure your technicians have the capability to remotely support these users securely, as they\u2019ll likely need assistance getting set up in a home environment.<\/p>\n<p>As the virus continues to spread, we can expect more opportunistic actors to engage in email campaigns and attempt to infiltrate or defraud users and the companies they work for.<\/p>\n<p>Taking just a few minutes to keep your teams, customers, and end users updated from a trusted advisor can make a big difference and demonstrate your value as a service provider.<\/p>\n<p>&nbsp;<\/p>\n<p><em>Gill Langston is head security nerd for SolarWinds MSP. You can follow Gill on Twitter at\u00a0<a class=\"ext\" href=\"https:\/\/twitter.com\/cybersec_nerd\" target=\"_blank\" rel=\"noopener noreferrer\">@cybersec_nerd<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Email phishing campaigns and malware through emails are nothing new, but when combined with something like a global coronavirus spread, the risk can be even higher. Gill Langston looks at&#8230;<\/p>\n","protected":false},"author":27,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5840","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Coronavirus Scams: Staying Safe in Times of Elevated Risk - N-able<\/title>\n<meta name=\"description\" content=\"Email phishing campaigns and malware through emails are nothing new, but when combined with something like a global coronavirus spread, the risk can be even higher. Gill Langston looks at what this means for MSPs.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Coronavirus Scams: Staying Safe in Times of Elevated Risk - N-able\" \/>\n<meta property=\"og:description\" content=\"Email phishing campaigns and malware through emails are nothing new, but when combined with something like a global coronavirus spread, the risk can be even higher. Gill Langston looks at what this means for MSPs.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-03-13T02:51:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-01T10:48:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Gill Langston\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Gill Langston\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"6\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk\"},\"author\":{\"name\":\"Gill Langston\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/ccb02e43837727da6ab962f5357e872a\"},\"headline\":\"Coronavirus Scams: Staying Safe in Times of Elevated Risk\",\"datePublished\":\"2020-03-13T02:51:04+00:00\",\"dateModified\":\"2021-10-01T10:48:24+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk\"},\"wordCount\":1215,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"articleSection\":[\"Head Nerds\",\"Security\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk\",\"url\":\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk\",\"name\":\"Coronavirus Scams: Staying Safe in Times of Elevated Risk - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de#website\"},\"datePublished\":\"2020-03-13T02:51:04+00:00\",\"dateModified\":\"2021-10-01T10:48:24+00:00\",\"description\":\"Email phishing campaigns and malware through emails are nothing new, but when combined with something like a global coronavirus spread, the risk can be even higher. Gill Langston looks at what this means for MSPs.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/de\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Coronavirus Scams: Staying Safe in Times of Elevated Risk\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/de#website\",\"url\":\"https:\/\/www.n-able.com\/de\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/de?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/de#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/de\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/ccb02e43837727da6ab962f5357e872a\",\"name\":\"Gill Langston\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"caption\":\"Gill Langston\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Coronavirus Scams: Staying Safe in Times of Elevated Risk - N-able","description":"Email phishing campaigns and malware through emails are nothing new, but when combined with something like a global coronavirus spread, the risk can be even higher. Gill Langston looks at what this means for MSPs.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk","og_locale":"de_DE","og_type":"article","og_title":"Coronavirus Scams: Staying Safe in Times of Elevated Risk - N-able","og_description":"Email phishing campaigns and malware through emails are nothing new, but when combined with something like a global coronavirus spread, the risk can be even higher. Gill Langston looks at what this means for MSPs.","og_url":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-03-13T02:51:04+00:00","article_modified_time":"2021-10-01T10:48:24+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Gill Langston","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Verfasst von":"Gill Langston","Gesch\u00e4tzte Lesezeit":"6\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk"},"author":{"name":"Gill Langston","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/ccb02e43837727da6ab962f5357e872a"},"headline":"Coronavirus Scams: Staying Safe in Times of Elevated Risk","datePublished":"2020-03-13T02:51:04+00:00","dateModified":"2021-10-01T10:48:24+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk"},"wordCount":1215,"publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"articleSection":["Head Nerds","Security"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk","url":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk","name":"Coronavirus Scams: Staying Safe in Times of Elevated Risk - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/de#website"},"datePublished":"2020-03-13T02:51:04+00:00","dateModified":"2021-10-01T10:48:24+00:00","description":"Email phishing campaigns and malware through emails are nothing new, but when combined with something like a global coronavirus spread, the risk can be even higher. Gill Langston looks at what this means for MSPs.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/de\/blog\/coronavirus-scams-staying-safe-times-elevated-risk#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/de\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"Coronavirus Scams: Staying Safe in Times of Elevated Risk"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/de#website","url":"https:\/\/www.n-able.com\/de","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/de?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/de#organization","name":"N-able","url":"https:\/\/www.n-able.com\/de","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/ccb02e43837727da6ab962f5357e872a","name":"Gill Langston","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","caption":"Gill Langston"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/5840","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/comments?post=5840"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/5840\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/media?parent=5840"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}