One cyber security failure can result in a successful ransom ware attack or data breach that could cause tremendous damage. There’s no need to panic, but neither is there time to ignore the issue.
If you get a mail in your inbox promising a free Covid test, it should raise red flags. Banks are warning account holders that such mails that are landing in inboxes of unsuspecting account holders can compromise their accounts’ safety and, in fact, be a carefully crafted phishing attack.
The subject line of these emails could be free COVID-19 testing. Stating, “It has come to our notice that a cyber-attack is going to take place in major cities of India, the State Bank of India (SBI) has asked to refrain from clicking on emails coming from email@example.com with a subject line Free COVID-19 Testing.
It is advised to watch out for IDs like ‘firstname.lastname@example.org’ and beware of malicious phishing emails, SMS, and messages on social media.
Dos and Don’ts
Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if the link seems benign.
In cases of genuine URLs close out the e-mail and go to the organization’s website directly through browsers. Exercise caution when opening e-mail attachments even if the attachment is expected and the sender appears to be known.
Scan for and remove suspicious e-mail attachments; ensure the scanned attachment is its “true file type” (i.e. the extension matches the file header).
Beware about phishing domain, spelling errors in emails, websites and unfamiliar email senders. Check the integrity of URLs before providing login credentials or clicking a link.
Do not submit personal information to unknown and unfamiliar websites.
Beware of clicking from phishing URLs providing special offers like winning prize, rewards, cashback offers.
Consider using Safe Browsing tools, filtering tools (antivirus and content-based filtering) in your antivirus, firewall, and filtering services.
Update spam filters with latest spam mail contents. Any unusual activity or attack should be reported immediately at email@example.com with the relevant logs, email headers for analysis of the attacks and taking further appropriate actions.