How Hackers Take Advantage of a Crisis The threats are real, especially in today's climate.

By Brook Zimmatore Edited by Jessica Thomas

Opinions expressed by Entrepreneur contributors are their own.

Westend61 | Getty Images

While people are focused on maintaining their physical and fiscal health, there's another threat they're likely not considering — a digital one. It should come as no surprise that cyber criminals are taking advantage of current events to profit, but companies and individuals need to do more to protect themselves. It's time to ramp up your cybersecurity efforts to protect your data and users.

The most common exploits against businesses are as follows:

  • Phishing with crisis-related content

  • Ecommerce fraud leveraging "in-demand" wholesale products

  • Pandemic-related phone scams

Tried-and-true phishing scams are just one method that scammers employ. When victims open their inboxes to see messages purportedly from their financial institutions or even employers, they want to act quickly to avoid any unwanted consequences. However, the links in those messages bring phishing victims to sites that imitate those institutions — sometimes shockingly well. When the victim types their credentials into the login form, they are not signed into a trusted website. Instead, their information is sent to the scammer who can then access the user's account, including private and financial information, on the legitimate website.

Related: The One Cybersecurity Risk You're Probably Not Even Thinking About

Cyber criminals use email for another type of attack, one in which they purport to be from a medical organization such as the World Health Organization or the Johns Hopkins Center for Systems Science and Engineering. Although both organizations are legitimate and have been tracking the global health crisis, these emails do not contain the helpful information that the recipient might expect. Rather, the attachments contain malware that infects the victim's computer. These infections can track the victim's computer usage, steal sensitive data or use the infected system to spread to other computers, as was the case with malware known as AZORuIt that began circulating in early February 2020, Proofpoint reports.

In some instances, the malware might hijack the user's system until they pay an exorbitant fee to "unlock" their data. Of course, there is no promise that cyber criminals will make good on their word or that the malware will be fully removed from an infected computer. However, many victims are willing to pay the price because they lack backups or the tools to restore the data themselves. The risk of malware is even greater with so many people now working remotely to promote social distancing. Employees transfer others' sensitive data from devices and over connections that may have more vulnerabilities than company devices and systems.

Related: Five Ways To Protect Your Company Against Cyber Attacks

Where do these attacks originate? Cybersecurity firm FireEye has detected increased activity in China, North Korea and Russia, and users in the U.S., Europe and Iran are frequent targets. Research shows a spike in domain name purchases that relate to current events since late February — domains that could be used in phishing attacks — according to research by Recorded Future.

These cyber criminals don't even need to be skilled and experienced programmers, either. Resecurity, an American cybersecurity company, reports that one Russian hacking forum, XSS, even sells "phishing kits" that would-be scammers can deploy against their targets for just a few hundred dollars. That's a small price to pay for the potential payoff.

Related: 4 Tips for Keeping Your Data Secure While Everyone Works From Home

Although the World Health Organization has released an advisory about these cyber attacks, most people are concerned about the risks of the illness in the physical world. IT teams and companies have worked to increase awareness of these attacks, but it might already be too late for people who have fallen prey to such scams. These digital infections can take hold before anyone is aware.

Your final checklist of what to look out for:

  1. Fraudulent emails, seemingly coming from your bank, or healthcare provider asking you to take action via the email (log-in, open attachments, etc.)

  2. Offers or opportunities to acquire in-demand solution products for resale

  3. Unusual "opportunities" being proposed

  4. Phone scams from the government or other industries

Be safe out there.

Brook Zimmatore

Entrepreneur Leadership Network® Contributor

CEO of Massive Alliance

Brook Zimmatore is a media and publishing technologist, entrepreneur and author. He specializes in building technology for people and publishers that improves the information provided in the media.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Leadership

The End of Bureaucracy — How Leadership Must Evolve in the Age of Artificial Intelligence

What if bureaucracy, the very system designed to maintain order, is now the greatest obstacle to progress?

Devices

The Last Pen You'll Ever Have to Buy — Never Run Out of Ink Again With the ForeverPen

The world's smallest inkless pen is durable, portable, and built to last.

Devices

Save 45% on an iPad Air With This Holiday Sale

You got gifts for everyone else—now it's time to treat yourself.

Business Ideas

Is Your Business Healthy? Why Every Entrepreneur Needs To Do These 3 Checkups Every Year

You can't plan for the new year until you complete these checkups.

Science & Technology

This AI is the Key to Unlocking Explosive Sales Growth in 2025

Tired of the hustle? Discover a free, hidden AI from Google that helped me double sales and triple leads in a month. Learn how this tool can analyze campaigns and uncover insights most marketers miss.