Warnings have been issued against a large-scale cyber phishing attack targeted at individuals and businesses. Hackers are taking advantage of the disruption and fears caused by the COVID 19 pandemic to steal personal and financial information from people.
There is, therefore, a need to be prepared for these phishing attacks which could impersonate government agencies, departments and trade bodies that have been tasked to oversee the disbursement of aid.
The attackers send malicious emails, which are designed to drive recipients towards fake websites. They are then deceived into downloading malicious files and/ or entering personal and financial information. This could also be done via SMS, WhatsApp messages and other social media platforms.
We recommend the following actions
1. Securing your Client area Account with 2-Factor Authentication.
2. Enable login into Client area Account via social tools like Facebook, and Google
3. Run a Scan on your device for Malware using Malwarebytes
4. Use Codeguard to ensure periodic backup of your websites
5. Use Sitelock to scan your website for malware and vulnerabilities, detects threats, and fix problems or security risks it encounters on your website
6. Consider the use of VPN
7. Always backup your emails via Microsoft Outlook or Read your emails on Gmail
Note: For organizations that consider Email to be an important part of their process, we recommend the use of Google suite
For Best Practices on suggestions given to improve your security, click EAC directory Security Best practices
Monday, June 22, 2020