IT Vortex - Managed IT Services

Simple Steps to Protect You Against COVID-19 Social Engineering Attacks

As people around the world are faced with fears and concerns over the COVID-19 virus, criminals are also taking note. And unfortunately, they are using this as an opportunity to try and steal money and personal information by generating social engineering scams via email, text, and phone calls. 

Over the past few weeks, there has been an increase in attempts to lure unsuspecting victims into going to malicious sites, clicking on malicious links, or providing personal information over the phone under the auspices of COVID-19. Many of these scams attempt to impersonate legitimate organizations, such as the Center for Disease Control or the World Health Organization, by offering fake informational updates and even promises of access to vaccines – all for a price, of course!

Social Engineering Constantly Preys on the Only Vulnerability That Cannot Be Patched, Humans – You and Me

Moreover, nobody is safe from these efforts – from administrative employees, contractors, and interns on up to the C-Suite and even business partners can be targets to obtain access to our networks and sensitive information. And for those of us now connecting to the office through our home networks, even our children are potential targets. It is a perpetual bombardment, every day, every minute of the day, 24/7/365. 

Threat actors prefer the path of least resistance. They hack the psyche of targets (who rarely realize the disguises) as well as rely on publically available intelligence and interactions to generate victim profiles. Cybercriminals are experts in the art of masquerading, manipulating, influencing, and devising lures to trick targets into divulging sensitive data, and/or giving them access to our networks and/or facilities. 

Why Waste an Expensive 0-Day When Social Engineering Is So Effective?

Understanding the primary attack vectors used by the adversary is key when it comes to deterrence; examples of social engineering based attacks include the following. 

Digital Attacks

  • Phishing/Spearphishing – Email-based attacks that target everyone or a specific person or role within an organization in order to entice individuals to click on malicious links or enter credentials or other personal information.
  • Social Media Deception – Adversaries create fake profiles to befriend victims while posing as a current or former co-worker, job recruiter, or someone with a shared interest on social media, especially LinkedIn. Their goal is to trick the victim into providing sensitive information or downloading malware to their device.
  • Pretexting –Attackers focus on creating a good pretext, or a false but believable fabricated story, so that they can use it to pretend to need certain information from their target in order to confirm their identity.
  • WaterHoling – An attack strategy where attackers gather information about a targeted group of individuals within a certain organization, industry, or region as to what legitimate websites they often visit. Attackers look for vulnerabilities in these sites in order to infect them with malware. Eventually individuals in the targeted group will visit those sites and then become infected.

Phone Based Attacks

  • Smishing – A text-based message attack that impersonates a legitimate source in order to lure a victim into downloading viruses and malware onto their cell phone or other mobile device.
  • Vishing – Phone-based attack in which adversaries call a cell phone pretending to be from a legitimate source, such as a bank, as a means to try and convince the target into divulging sensitive information such as credit card information or social security numbers. Tactics used by these scammers often rely on what’s known as “caller ID spoofing.” ID spoofing allows them to generate phone calls that appear to be from a legitimate or local sources.

While our goal is to stay ahead of attacks, even the most advanced technology cannot always provide sufficient blockades against the constant barrage of cyberattacks, especially social engineering. The problem is, human error is involved in 95% of all security breaches. That is why it is imperative to ensure you and your fellow employees become the first line of defense, and that requires becoming security aware.

Strengthen Security by Taking These Simple Steps to Protect Your Personal and Proprietary Information

  • Be suspicious of any email or text message requesting sensitive information or financial transactions 
  • Hover over and review all hyperlinks prior to clicking to confirm they are from legitimate sources
  • Use multi-factor authentication for gaining secure access to sensitive systems and databases 
  • Ensure your browser, mobile devices, and computer systems are updated with the most recent protections
  • Never reuse passwords across multiple accounts and devices. Password uniqueness and complexity are paramount to safeguarding against additional risk to our networks

We have all been practicing social distancing over the last few weeks to protect against viruses and illness. Likewise, we should consider cyber distancing ourselves from our attackers. Keep your cyber distance by staying wary of suspicious requests, unknown attempts at contact, and unsolicited information and be the protector of your information, your networks, and your health.

Written by Renee Tarun

Powered by Fortinet, Delivered by IT Vortex.

Share this post

questions about our services?

Request a free consultation. Fill out the form and we will call you to answer all your questions



Tech Tips, Cyber Threat Mitigation, Cutting Edge Technology, Cost Savings and More!



 

IT Vortex, LLC is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. You will consent to us contacting you for this purpose, by submitting the form.

Apply for this position

Fill out the form below and our hiring team will reach out to you as soon as possible



zoom-logo

We use Zoom extensively to meet internally and externally. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

wasabi logo

Wasabi is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

vmware logo

Our Datacenter is built on a VMWare architecture. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation. 

veeam green logo

Veeam is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Trend Micro Logo
Solarwinds Logo

Solarwinds is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Proofpoint essentials Logo

Fortinet is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

observe IT Logo

ObserveIT/Fortinet is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

NEAT Logo

We use NEAT extensively in our offices. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

mitel logo

Our telephone platform of choice. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

microsoft logo

Various Microsoft technologies are offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation. 

ingram micro cloud logo

Our distribution preferred partner for our technology offerings.

Fortinet logo

Fortinet is offered in our Cloud Hosting Platform? We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

DTEN logo

We use DTEN extensively in our offices. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Dropbox logo

We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Dell logo

Dell servers are a key component offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Condusiv Technologies logo

Condusiv Technology is offered in our Cloud Hosting Platform? We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Cisco logo

Cisco Technology is offered in our Cloud Hosting Platform via DUO for MFA. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Barracuda Logo

Barracuda Technology is offered in our Cloud Hosting Platform. We are Certified Reseller, we have Certified Implementation Experts on staff, we provide architecture advisory services for a robust implementation.

Amazon_Web_Services_Logo

IT Vortex partners with AWS via VMware for the VMware on AWS offering that allows for cloud services fulfillment via AWS utilizing the same VMware products many companies already enjoy the benefits from.

ACTI Logo

Technology Reseller and Distributor, Certified Implementation Expertise with all ACTi products and services. IT Vortex has worked with ACTi for over a decade implementing security camera solutions for a multitude of industries with AI, Facial Recognition, License Plate Recognition, Loitering Detection, Cloud storage, and more.

questions about our services?

Request a free consultation. Fill out the form and we will call you to answer all your questions



microsoft logo

Name of the partner

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Ut enim ad minim veniam, quis nostrud exercitation ullamco. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Ut enim ad minim veniam, quis nostrud exercitation ullamco Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Ut enim ad minim veniam, quis nostrud exercitation ullamco. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Ut enim ad minim veniam, quis nostrud exercitation ullamco

Security as a Service (SECaaS) by IT Vortex

Pricing Calculator

Choose a service, answer a few simple questions, and receive an individual quote for our services

User count by type

Fill out the form and we will call you to answer all your questions