End of Goverment Coronavirus Job Retention Scheme leaves businesses vulnerable to phishing attacks
As the government’s Coronavirus Job Retention Scheme begins to close down this week, the threat landscape for cybercriminals remains vast, with hackers capitalising on the employees that are out of work because of the pandemic.
The comment from David Emm, principal security researcher at Kaspersky which discusses why employees and employers need to remain vigilant, even though the scheme is coming to an end.
"With the government’s Coronavirus Job Retention Scheme (CJRS) coming to a close yesterday, now is the time for organisations to be extra vigilant as cybercriminals continue to capitalise on the pandemic.
At this time of crisis, many people are in need of financial support and cybercriminals will be looking to catch businesses off guard by sending out phishing emails in an attempt to steal personal information. In this particular situation, it is imperative to treat any email or text apparently received from an official body with extreme caution as it could be an attempt to obtain bank account information. With frequently changing policies, there is a chance that organisations are unaware of this scheme coming to an end, and it is these groups who will be the most vulnerable to ongoing phishing attacks."
To avoid mistaking a scam for a real offer of assistance, Kaspersky recommends the following:
• Apply for government support only on official websites. Do not follow links in e-mails, and do not open attachments. Instead, type the URL of the relevant agency into the browser, and check there if you’re entitled to compensation.
• Pay attention to the sender’s address: If it looks like gibberish or the domain belongs to a free webmail service, it is hardly likely to be from a government body.
• Pay attention to how the message is written and how the website looks. Civil servants usually do not send out messages full of typos and strings of exclamation points. Also be wary if the e-mail mentions long lines of applicants or tight deadlines.
• A demand to pay an up-front fee to get the process started (or for any other reason) is another sure sign of fraud. Bona fide government departments and banks do not require this. If there really is a commission to pay, a real organisation will simply deduct it from the amount that you are due.
• Use a reliable security solution that can spot and block both malicious e-mails and phishing pages.