Protect personal information while working from home

During the COVID-19 pandemic, please review these important reminders to protect personal information while working from home.

The Impact of COVID-19 on Cybersecurity

Sadly, cybercriminals are taking advantage of the COVID-19 pandemic as a thematic lure for their malicious activities. They know that presently many are anxious about the future and less likely to act prudently when presented with emails, SMS messages, or advertisements involving COVID-19 that would otherwise seem suspicious.

Criminals have developed enticing COVID-19-related content to trick potential victims into clicking on malicious links and attachments. Lures are commonly found in phishing email campaigns attempting to distribute information-stealing malware or ransomware on personal computers and mobile devices.

What to watch for

COVID-19 lures are increasingly used by criminals to advertise counterfeit medical supplies, elicit fraudulent donations, and support other fraudulent schemes.

These lures often attempt to imitate the branding of legitimate organizations in order to build trust in the victim. Cybercriminals are aware that the names and logos of international organizations or national health agencies are appearing more frequently in the news and on social media, but that most individuals are unfamiliar with their websites and communication activities.

Particularly Vulnerable

The COVID-19 pandemic has caused many staff, faculty and researchers to adapt to a remote working environment. As a result, many are accessing sensitive data through myVPN and cloud-based applications for the first time. To compound the vulnerability, many are using their personal devices and home Wi-Fi networks that are poorly secured in comparison to UBC’s on-campus network.

Much of the criminals focus is centered on staff and faculty that have appointments in units of strategic interest such as HR and finance, recruitment and development.

Even as on-site working restrictions are slowly being relaxed, provincial security professionals are anticipating an increase over the coming year in COVID-19 related cyber threat activity as more traditional espionage activities remain hampered by travel restrictions and physical distancing.

Videoconferencing Tools

In order to stay connected to students and fellow colleagues, many are introducing video-conferencing platforms such as Zoom and Skype for Business into their workday and criminals are looking to exploit this change in routine. Thankfully the UBC Cybersecurity team and UBC IT have worked together to publish practical advice for using recommended audio conferencing, virtual meetings and instant messaging tools.

Check out these instructions on how to get started using videoconferencing tools.

Then please consider this information regarding how to collaborate securely over video.

What's Next?

In the immediate future, it is almost certain that cybercriminals will continue to target individuals into divulging financial data or downloading malicious software. This will very likely be done by impersonating government correspondence or websites, similar to CRA-themed messaging during tax season. As physical distancing restrictions begin to soften across the province, cybercriminals will likely begin crafting phishing messages that revolve around vaccine development and production.

The Canadian Centre for Cyber Security has warned that “the Canadian health sector will almost certainly continue to be targeted by ransomware campaigns of varying sophistication in the immediate future.” UBC researchers must be on alert for possible nefarious messaging intended to hinder the development and production of important medical research.

What steps can you take to avoid being a victim of cybercriminals during the COVID-19 crisis? Please check out the Teleworking Guide and the Take Action Against COVID-19 Scams sections below.