TALKING
business
‘‘
In the Middle East, many businesses and
authorities have had to warn customers and
residents of fake emails being sent out in
their name. Some regional airlines shared
warnings about malicious emails offering
them refunds on cancelled flights.
On our own grid, our threat intelligence
team discovered a phishing scam offering an
immediate air ticket refund in exchange for
credit card details.
The Central Bank of UAE released an
announcement at the end of March, saying:
“Fraudsters always look for opportunities
to target consumers, and as the public is
engaged with COVID-19 pandemic news,
they are using different tactics to increase
fraudulent activities on banking customers.”
The most popular COVID-19 phishing
scam themes seen by the Mimecast Threat
Intelligence team include:
• COVID-19 policy updates – emails
designed to look like they’re from HR
departments, directing employees to
‘login’ and read updated business policies
regarding the pandemic and working
from home.
• Coronavirus testing – offering DIY kits,
which take victims to fake sites where
they capture their credit card data.
• Virus updates from healthcare
authorities – with fake links to the
Centres for Disease Control and
Prevention (CDC) and the World Health
Organisation (WHO).
Build a cyber secure workforce
With significant disruptions likely for many
months, security professionals in the Middle
East need to review their cybersecurity
strategies and arm employees with
knowledge needed to protect themselves,
and the business, against these attacks.
Security and IT teams should encourage
employees to:
• Update home Wi-Fi with a strong password.
• Never click on COVID-19 related
attachments received outside your
trusted perimeter.
• Double-check links – if suspicious, do
not click!
• Ensure links go to the correct domain.
• Update usernames and passwords on
trusted sites only.
• Do not use personal devices at home to
access business networks, data or emails.
Most importantly, there’s an urgent need
to refresh employee awareness training, as
highlighted by the rise in unsafe clicks seen
in our report. The report also showed that
employees from organisations that didn’t
have regular awareness training were five
times more likely to click on unsafe links.
“
BY INSTILLING
A CULTURE OF
CYBERSECURITY,
ORGANISATIONS
PLACE
THEMSELVES IN
A FAR BETTER
POSITION TO
DEFEND AGAINST
GROWING
CORONAVIRUS-
RELATED
ATTACKS.
Now, more than ever, employees need to
be continuously educated about risks and
should be trained remotely.
By instilling a culture of cybersecurity,
organisations place themselves in a far
better position to defend against growing
Coronavirus-related attacks. •
38 INTELLIGENTCIO www.intelligentcio.com