Stay cyberhealthy as fraudsters manipulate crisis

Canadian Centre for Cyber Security offers tips for reducing online risk


The Canadian Centre for Cyber Security is cautioning people to stay cyberhealthy during the COVID-19 crisis.

“We’re washing our hands, keeping our distance, coughing into tissues or elbows and doing our part to keep the healthcare system from becoming overloaded,” a centre advisory said.

However, not everyone is working in the public interest.

“Cyberthreat actors are taking advantage of people’s heightened levels of concern and legitimate fear around COVID-19, trying to spread misinformation and scam people out of their money or private data,” the advisory said.”

The centre said there are cases of COVID-19 maps that infect devices with malware, phishing emails with malicious links and attachments and spoofed COVID-19 websites.

As well, fraudsters are phoning people to say they have tested positive for COVID-19 and need to provide their banking information. Do not give it to them.

The centre has already warned people to be wary of COVID-19-related emails that could be used to gain access to personal or financial data in the wake of findings fraudsters were posing as the Public Health Agency of Canada.

As such, the centre advises four primary precautions to keep individual and business data safe:

  • Use unique passphrases and complex passwords;
  • Apply updates to your mobile devices, computers, and applications;
  • Store data securely and know backup procedures, and;
  • Secure your social media and email accounts

The centre said attacks from threat actors could come through malicious emails, attachments or websites.

To guard against emails:

  • Make sure the address or attachment is relevant to email content;
  • Make sure you know the email’s sender;
  • Look for typos, and;
  • Use anti-virus or anti-malware software on computers.
  • To guard against attachments:
  • Make sure that the sender’s email address has a valid username and domain name;
  • Be extra cautious if the email tone is urgent; and
  • If you were not expecting an attachment, verify with the sender.

To guard against websites:

  • Make sure URLs are spelled correctly;
  • Directly type the URL in the search bar instead of clicking a provided link; and
  • If you must click on a hyperlink, hover your mouse over the link to check if it directs to the right website.

The centre has created guidances for individuals and businesses available on its website.