During the pandemic, many businesses turned to remote working practises due to COVID-19 restrictions. However, as these businesses moved the majority of their work online, cyber attackers began to hit. Small-medium enterprises (SMEs) underestimated cybersecurity’s value during the pandemic and thus, became easy targets for cybercriminals.
In fact, cybersecurity firm Cyfima reported a 280% increase in SME cyberattacks during the pandemic. Google registered over two million phishing websites designed to jeopardise businesses and individuals’ digital security across the world. The business industry is becoming increasingly reliant on the digital world, and cyber threats are only becoming more sophisticated as time goes on.
From March to September 2020, there were a staggering 45046 email attacks each month in the UK. Cybercriminals began to focus on email attacks as workers became more reliant on their company emails during lockdown. Phone and text scams dropped to their lowest point for the first month of lockdown in March 2020.
Cybercriminals exploited individuals’ fear of the virus during the pandemic and lured them into fraudulent websites and email links. Google reported, in April 2020 alone, they were blocking a whopping 18 million malicious emails per day. Phishing scams have been on the rise for years, and the pandemic only accelerated this long-term trend. In fact, Google reported the number of phishing websites has increased by 12.89% every year since 2015.
Fortunately, there are a few ways employees and individuals can spot cyber threats and avoid the damage they can incur. Firstly, individuals should look at the send email address and whether they use a public email domain, like Yahoo, Outlook or Gmail. The domain comes after the @ symbol. If they use a company email domain, you should cross-check their name against the company to ensure it is legitimate.
Furthermore, if they do use a company email domain, make sure it is spelled correctly. Anyone can buy a domain name, and hackers often create addresses that are nearly identical to well-known companies. For example, a hacker may use the domain ‘@brightcare’ instead of the legitimate ‘brightcore’ company domain.
Companies should invest in business insurance so that you have the appropriate policy to cover any damages in the event of a breach.
Scammers are often from non-English speaking countries with limited access to the English language. Check to see if the email uses poor spelling and grammar. Of course, bear in mind that everyone makes common typos because of human error. However, non-English speaking individuals are likely to make grammatical errors that are down to using Google translate.
Before clicking on any suspicious attachments or links, hover your mouse over them and look at the link. Do not open the attachment or link until you are sure it looks legitimate.
Scammers will frequently include ‘URGENT’ in the subject of an email. Cybercriminals know that you are more likely to identify the email as fraudulent if you consider it for longer. Take your time before opening an email to avoid a breach of data and improve your digital security.