Cybercriminals are Exploiting the Pandemic: Here’s What to Know to Protect Your Data
There has been a significant increase in cybercrime and identity theft in the wake of the coronavirus pandemic. Since March, the federal trade commission (FTC) has reported spikes in online scams ranging from phishing to websites impersonating government agencies and healthcare organizations to collect victims’ sensitive data.
In just a single day in May, the FTC received reports of nearly 1,500 COVID-19-related scams, according to Security.org.
COVID-19 has given criminals new opportunities to prey upon a panicked public through social media, personal and business email, and bogus data collection forms. While cybercrime was on the rise before the pandemic, we’ve seen a staggering 30,000% increase in global cyber threats this year, according to Ratchet + Wrench.
Here’s what you need to know to protect yourself and your patients:
Anyone Can Be A Victim
Cybercriminals use various strategies to gain access to personal accounts, such as financial institutions, credit reports, and even medical information — and often cast a wide net targeting both organizations and individuals alike. In COVID-19 related incidents, law enforcement has reported increases in breaches involving ransomware, email phishing and spammy links across social media platforms.
Once they gather enough personal information, hackers often use this data to access bank accounts, credit cards and other financial assets. Often, they’ll sell information to other cybercriminals via the dark web. That means, once your data is exposed, it could be used again and again.
In some cases, hackers will infiltrate an organization’s network using malicious software called ransomware, steal data, and block access to critical networks and systems until the organization pays a ransom. And because healthcare organizations store a significant amount of sensitive patient data, they make a prime target for these types of attacks.
As you can imagine, becoming a victim of a cyberattack isn’t just financially damaging. In the healthcare world, peoples’ lives hang in the balance, too.
While there’s no way to guarantee you won’t become a victim, there are a few things you can do to mitigate your risk. The first is to educate yourself on the types of scams and stay aware.
3 Common COVID-19 Related Scams
Here are three of the most popular COVD-19 related scams:
- Medical supply scams: This is a particularly heinous approach to bilk medical practices, businesses and individuals out of money earmarked for COVID-19-specific protection. Websites that offer PPE, testing kits and vaccines at prices that are too-good-to-be-true are popping up across the internet.
These fraudulent companies will take your payment information and never deliver, or worse, provide products that are nonconforming, counterfeit or expired. They may also steal your identity via your payment information and sell that data to other cybercriminals.
- Social engineering (impersonation) scams: These attempts to defraud and steal from organizations and individuals are also on the rise. Scammers represent themselves as a medical agency or health organization selling bogus products to prevent, diagnose, or treat coronavirus. There has also been a jump in phony government agencies claiming to provide information graphing, contact tracing, and heat maps, which are also fraudulent.
- Remote work scams: Employees who work remotely and their employers need to be on the lookout for scams involving changes of physical or email addresses or sudden (and suspicious) updates to personal information. Be aware and warn your patients, clients, and employees not to provide any personal information, click on links, download attachments, or wire or transfer any money to an unverified address or account. Remind them you’d never ask for their personal information via email or other unsecured platforms.
What to Do if You Become a Victim
Unfortunately, most Americans will eventually become a victim of cybercrime or identity theft. After all, cybercrime in the U.S. occurs every two seconds and, 164 million people were impacted by breaches in the first half of 2020 alone, according to the Insurance Information Institute.
Criminals are growing increasingly more sophisticated and always seeking new ways to defraud businesses and individuals. Here are a few things the FTC recommends you should do if you become a victim of cybercrime:
- Change your passwords immediately
- Contact the government agency or business where the fraud occurred and alert them to the fraud and file a report
- Contact the credit reporting agencies, put a freeze or hold on your credit accounts, and obtain credit reports from all three credit agencies (Experian, Equifax, and TransUnion)
- Report any suspicious activity and dispute fraudulent claims (Links are available at FTC website)
- Report your identity theft to the FTC and obtain a report number
- Notify your bank(s) immediately
- Remain vigilant for any other suspicious activity
2020 was a banner year for cybercrime, and 2021 isn’t likely to be much better. Stay aware of potential threats, and encourage your colleagues and patients to do the same.