Practising Cyber Hygiene during the COVID-19 Pandemic

Published:26 March 2020

Dr Ritesh Chugh is a senior lecturer and discipline leader (Information Systems and Analysis) in the School of Engineering and Technology at CQUniversity.

During the COVID-19 pandemic, apart from the coronavirus attempting to infect our bodies, online scammers are also trying to infect our computers and perpetrate a range of other scams.

That's according to CQUniversity’s Information Systems and Analysis Leader, Dr Ritesh Chugh who says everyone needs to stay on guard as these threats are global.

Dr Chugh has reflected on the various coronavirus-related scams and what the public should do to stay safe online.

After receiving nearly 100 reports of coronavirus-related scams, the Australian Competition and Consumer Commission has warned that more people will fall victim.

"Similar to the vulnerability of older people to coronavirus, scammers also find them an attractive target. INTERPOL, the FBI and the UK’s Metropolitan Police Service have also warned the public to be aware of coronavirus-related scams, particularly as they continue to rise," Dr Chugh says.

"The unsuspecting public needs to watch out for the numerous COVID-19-related scams currently circulating. These scams are usually spread through email, text messages and social media to extract personal and financial information such as usernames, passwords and addresses. In some cases, links and attachments are also transmitted, which could install malicious software on user computers."

Watch out for:

Email phishing – There are Emails offering coronavirus-related advice (with attachments) appearing to be from legitimate organisations. Opening the attachments could download malicious software to your computer. Sometimes, there will be links rather than attachments, which take users to a spoofing site to capture personal information.

Ransomware attack - Spam emails can also contain links or attachments that install ransomware on your computer. Ransomware encrypts files or locks computers, with the perpetrator then asking for a ransom to decrypt the files, or unlock infected machines.

Spoofing sites – These are lookalike fraudulent websites with similar content and URLs to legitimate sites, with the intention to capture login information or download malware. The malware could be a keystroke logger that transmits every keystroke back to the fraudster. These websites may offer fake treatments or cures for coronavirus.

Impersonations – These are scammers posing as health agencies and asking for credit card details for medical prescriptions under false pretences.

Text scams – There are Coronavirus-related text messages that appear to be from government-related agencies spreading disinformation and harvesting users’ personal and financial information.

Social media advertisements – There are fraudulent COVID-19 home test kits being peddled on social media.

Faux fundraising – Scammers are creating fake charities or impersonating real ones to capitalise on the goodwill of people during this pandemic.

Practice Cyber Hygiene

To stay safe from these online scams, users need to take precautionary steps to protect their valuable data from being stolen and the integrity of their computer systems from being compromised. Some cyber hygiene tips are:

  • Be wary of clicking on hyperlinks in emails and text messages from unknown people or mobile numbers.
  • Don’t reply to text messages or emails soliciting your personal information. Government agencies and financial institutions do not email or send text messages asking for personal or financial information.
  • Check the URLs to ensure they are legitimate. Watch out for misspellings, grammar mistakes or other glaring errors in email or text messages.
  • Verify all web links by hovering your mouse over the link. This will show you the exact website address as it could be a misspelt variation. And to be safe, type the web address in your browser rather than clicking on the provided link.
  • Install anti-virus software and ensure it is up to date.
  • Check security information of websites by clicking the padlock symbol adjacent to the address bar.
  • Use multi-factor authentication, which makes it difficult for scammers to access your sensitive information.

"Finally, don’t fall victim to coronavirus-related fears, be diligent and stay vigilant. You don’t want to unsuspectingly give your personal information to scammers or pay for a product or service that you will never receive!" Dr Chugh says.