While the number of COVID-19 cases continues to climb around the world, there has also been a dramatic rise in COVID-19 cyber threats which could have a devastating impact on your mortgage broking business.
From the beginning of March, the Australian Cyber Security Centre has observed a significant increase in COVID-19 themed phishing scam emails and text messages that are attempting to exploit individuals and businesses.
What are phishing scam emails and text messages?
Like the name suggests, phishing scams are fake messages designed to hook you in by impersonating official organisations or reputable brands that you know and trust.
Cybercriminals are currently sending COVID-19 themed phishing emails and text messages that can trick you into clicking on links to malicious websites, which look legitimate but actually steal personal information or install malware (malicious software).
There are also reports of COVID-19 phishing emails that try to trick you into opening harmful attachments. These attachments automatically download computer viruses or malware designed to provide cybercriminals with access to your devices, networks and online accounts.
How can you identify phishing emails and text messages?
To stay safe online during the COVID-19 crisis, it’s important that you and your team learn to identify phishing scams by looking out for suspicious emails and text messages that:
- Claim to be from health organisations or government departments inviting you to click on links or attachments with information about COVID-19.
- Pretend to be from government departments, banks or trusted businesses asking you to update or verify your personal/business information.
- Offer COVID-19 assistance payments if you complete an attached application form.
- Invite you to support a ‘Coronavirus Relief Fund’ by assisting with processing ‘donations’ as a casual employee or volunteer.
- Impersonate IT support desks asking you to grant remote access to your computer.
How can you protect your business against phishing scams?
Cybercriminals are very good at copying official branding, logos and phrasing to make phishing emails, text messages and websites appear legitimate. To protect your business, take the time to follow these simple precautions:
- Read messages carefully and check the email address, phone number and title of the links or attachments.
- Don’t click on the links or attachments in unsolicited messages.
- Don’t provide personal/business information to unverified people or websites.
- Don’t grant remote access to your computer to unverified IT support desks.
- If you’re unsure about a message, contact the organisation using the phone number or email address listed on its verified website.
- Turn on spam and message scanning services.
- Turn on automatic updates for computer operating systems, software applications, malware protection and mobile devices.
- Manage passwords and ensure they’re not being shared or reused.
- Change passwords to long, hard-to-crack passphrases.
- Enable multi-factor authentication wherever possible.
- Backup your business data regularly and keep a physical backup stored offsite.
- Train staff to follow cyber security guidelines while they’re working from home and using portable devices.
To keep up to date with the COVID-19 cyber threats that could have an impact on your mortgage broking business, regularly check the latest threat advice issued by the Australian Cyber Security Centre.