It’s been more than half a year since the first coronavirus cases made it into the public eye, yet we seem to be nowhere near the end of this ongoing challenge. Life as we know it has changed, forcing us to move most of our activities at home, including work, education, entertainment and shopping.

But the fact that we rely so much on the online now does come with a series of challenges and threats, including cyberattacks. And even though cyberattacks were not something out of the ordinary, the methods hackers use now are hitting too close to home. Bogus drugs meant to treat or prevent catching the virus, fake websites selling vaccines, tests and medical supplies, and false promises to expedite the process of receiving government stimulus checks – this is what fraud looks like in the age of COVID-19.

In March and April of this year, hacker activity against U.S. corporations has more than doubled, with cyber-fraudsters taking advantage of work-from-home policies, which weaken companies’ cybersecurity. Another important factor that works to the advantage of digital thieves is people’s fear of catching the virus or witnessing their finances crumble.

These challenging times are opening the door to unlimited opportunities that fraudsters can’t wait to leverage.

Stay-at-home policies facilitate hacking activity

Most of the time, companies do have a set of rules in place, to ensure safe online communication when employees are using corporate devices. However, when employees need to bring their work home, together with those devices, corporate cybersecurity rules are a little harder to impose.

What’s interesting about cybersecurity is that, at its root, it is neither a software, nor a hardware issue, but rather a human issue. It is not the computer that exposes itself to threats, but the user in front of the screen. And because hackers are, in fact, extremely smart individuals, they can spot this immediately and adapt their techniques to convince people into giving away sensitive information.

Ransomware attacks, which use software that can block a user’s access to their computer, have grown by 148%in March alone, as companies need to tweak their networks so that employees can gain access to corporate servers from their home computers.

Many corporations and individuals use VPN services, which help reduce some of these risks, but only if they use a reliable provider that ensures private networks are kept updated and properly maintained.

Taking advantage of people’s fears

The pandemic has put millions of people out of work or in front of some serious financial challenges, and fraudsters know just how to take advantage of that.

Take, for example, the government stimulus payments, which hundreds of thousands of Americans are expecting. By April 15, the Federal Trade Commission has already received over 18,000 fraud complaints related to the coronavirus pandemic. Phishing emails, sketchy phone calls and text messages; hackers are using whatever they can to extract money from vulnerable individuals.

Hospital and healthcare facilities are already under severe pressure, but cyber attackers are using this to their advantage. A number of healthcare institutions saw their computers shutting down, or their networks blocked, with hackers demanding ransoms to give back access to the servers.

In April, the San Francisco Airport cyberattack was all over the media, showing just how ruthless hackers can be. Two of the airport’s websites were compromised, and hackers gained access to users’ Windows device credentials.

In Oakland and Berkley, students were the target of attacks, when an unknown individual gained access to a Zoom video conference where high school students were taking an online course. This led to a ban on video conferencing with students until their safety could be ensured.

Pandemic scams are on the rise

Besides direct attacks, fraudsters are also engaging in numerous scamming activities, posing as government officials, healthcare professionals or benefactors. The Federal Trade Commission issued a warning, recommending people not to respond to messages or phone calls from people claiming to have information about government stimulus payments, and this is just one method scammers are using to take advantage of exposed individuals.

Fraudulent websites, which look identical to legitimate government sites, are posting Covid-19 information, together with malicious ads that ask people for their personal information. What’s more, some scammers have put up e-commerce websites selling face masks, sanitizers or other cleaning supplies, which are, in fact, used to collect credit card information and personal data from users. Using adblockers and ensuring a website’s URL or domain name is legit are a few ways individuals can protect their private data.

Robocallers are also something to look out for, as they can use software to tweak their phone numbers into looking like they may be calling from your bank or a government agency. They can ask for personal information, claiming they need such details to confirm your identity, and use that information to get access to your bank account later.

How can I protect myself from fraud?

Cyberattacks happen at every hour of the day, pandemic or no pandemic, and it is up to us to protect our private information from unwanted eyes. Some simple practices and healthy cyber-habits can help increase our online security, including:

  • Always use a strong password, which contains uppercase letters, lowercase letters, numbers and signs and is at least 8 characters long. Make sure to change your password regularly.
  • Install a VPN, which helps you create a private network that keeps your online activity private and your personal information protected.
  • Constantly update your operating system and internet security software, as hackers often take advantage of bugs or errors.
  • Use an antivirus and firewall that comes from a reliable source, is continuously kept up to date and provides the type of security you need.
  • Don’t click on emails, links or attachments from unknows senders. If you happen to receive a suspicious email, flag it as spam and do not respond to it.
  • Never divulge any personal information via email, messaging apps or unreputable websites. Pay close attention to the URL and domain of the website or do a Google search to make sure you are on the correct website.