Freely subscribe to our NEWSLETTER

Paul argues that it’s important that consumers make sure they verify any potential emails and websites that appear authentic, but also recommends that businesses proactively investigate for domain names similar to theirs, to prevent any potential exploitation.

Paul McEvatt, Senior Threat Intelligence Manager, Fujitsu UK:

“It’s disappointing – however, not surprising – to see scammers continue to find innovative ways to exploit people online during a global pandemic. The rapid uptake of these online streaming services, fuelled by lockdowns across the world, has opened a new avenue for cybercriminals to exploit through phishing campaigns. While these scams are generally targeting consumers, the guidance for good cyber security remains the same at any time and benefits individuals in their working and home environments.

“It’s always important to follow a trust-but-verify mantra, particularly when it comes to emails. Many emails and websites appear to be authentic. And although it’s tempting just to follow the URL in an email, it’s much better to go to the correct landing pages through a browser or the official apps. An example here would be receiving an email that your PayPal account had been blocked due to suspicious activity. The lure is to scare the user into automatically following the link provided, but it’s much safer to login and check access via the published app on your mobile device.

“It is good to see that the authorities are addressing this, however. While we would always recommend that the public checks carefully to see if sites they are accessing are legitimate, there are measures the organisations themselves can take to protect their customers as well as their own reputations. We recommend that organisations proactively investigate whether domain names similar to their own have been recently purchased as this is an indicator that a cybercriminal may be about to use that to exploit consumers.”