A growing number of online fraudsters are exploiting the public fear surrounding the COVID-19, using the pandemic to lure people into clicking phishing emails and installing malware capable of stealing personal data and money.
According to a press release, the government has stated that fear during a crisis can expose people to data privacy risks, increasing the likelihood of making hasty or ill-informed choices online, which fraudsters are taking advantage of.
In view of these heightened risks, the National Privacy Commission is appealing to everybody to be very careful online, especially when using online financial services and accessing health-related apps.
The government urges its citizens to be cautious with the sites they visit and enhance privacy settings to protect personal data.
In this period of home quarantine, digital access becomes the main gateway not just for news but also to coordinate tasks with co-workers, make online financial transactions and most importantly, get in touch with loved ones.
Indeed, now is the worst possible time to fall victim to online fraudsters, the release added, they can steal sensitive data, cause financial and reputational damages, and make devices unusable and cut off from the outside world.
To avoid such scenarios, the National Privacy Commission encourages citizens to practice the following tips to protect personal data in the time of COVID-19:
- Do not give out personal data in suspicious COVID-themed emails and messages.
Is the email or message unsolicited? Does it urgently encourage you to open the attached file? Is it promising COVID vaccines or cure that has not been reported on the news or credible websites? Do not click them. It is most likely a phishing attack that steals financial data such as credit card or online banking details.
- Make trusted government and other legitimate websites the go-to source for the latest COVID information.
There are a lot of questions about the pandemic, which will not be answered on random websites or applications. What one may find on these sites instead are suspicious links, pop-ups and downloadable files, resulting in a ransomware infection that could lock the user out of their devices. Not only is this protection from ransomware by relying on trusted sources but also one can avoid misinformation.
- Ensure that charity or crowdfunding campaigns are legitimate.
Research online or through social media contacts about the charity or crowdfunding campaign. Know where the donations will go. Think twice if the charity rushes or pressures you or makes unrealistic promises just to get you to donate. If you’ve decided to make the donation, be sure to check your bank statements and see if you’ve been charged the right amount.
- Be mindful of phishing baits from online scammers.
Scammers want users to click on a link or give their password, account number, and other personal information. This way they can steal identities, money, and gain access to computers or cell phones. To do this, they use familiar company names or pretend like someone you know.
When you receive such messages, be sceptical. Look up the website or phone number for the company or person. Call them directly using the company’s official number or email. Never give any personal information especially a password and pin number.
Most phishing attempts use bad grammar and spelling. There are some, however, that looks legitimate and very convincing.
OpenGov had written about cyber resilience in a pandemic. Driven by fear, urgency and necessity could mean that cyber resilience takes a back seat for companies and individuals.