Guidelines to raise awareness on malware and misinformation campaigns that are being generated due to the COVID-19 infections on a global scale
- Pay special attention to the emails you receive. The cure for the coronavirus won't be delivered via email.
- Avoid opening documents and attachments from unconfirmed official sources about the COVID-19 on any device.
- Don't download unofficial software on your computer or apps on your smartphone to learn about the international scope of COVID-19.
- Do not contribute to the dissemination of non-confirmed content, only use official confirmed sources.
- Do not contribute to the dissemination of messages that could raise concerns among the population.
Simple guidelines to raise your cybersecurity posture, when working at home
- Use Strong Authentication mechanisms: start with a secure authentication method with unique strong passwords and additional multi-factor authentication mechanisms. A password vault can help you to generate strong passwords and to store the passwords in a secure and user-friendly application.
- Be security minded and acknowledge the risks of bypassing security mechanisms.
- If a service is not reachable or has a decreased performance, don’t try to bypass installed security reasons to make it work. Always contact your IT administrator first.
- If your antivirus software is scanning don’t shut it down to increase performance.
- If you see a warning about a malicious website, consider it malicious and only proceed with utmost caution.
Protect your network and devices by:
- changing default passwords on every device on your network.
- patching all your devices to the latest version, and enabling security updates as soon as possible.
- installing antivirus and firewall software to secure your device, and monitor your devices with regular inspections.
- allowing only trusted and known devices that are patched with the latest security updates and software versions on your network.
- Make sure that you take regular backups of all important information, and verify that you can restore the data from the backups.
- Use external disks or cloud solutions (no confidential data) whenever possible.
Protect yourself against Social Engineering
- Be vigilant when opening attachments, only install trusted software applications, do not encode your credentials after clicking on a link.
- If you can win a prize or get an exclusive discount, browse to the organisation’s corporate website or use a search engine to reach the website. If it’s important to send a mail to a customer, the organisation will publish it on their corporate website as well.
- If you receive a mail with financial motivation, call the person or organization to verify the authenticity of the mail.
- If you receive a phone call, check the authenticity of the caller. Microsoft, Apple, Etc will not call you to warn you of a virus.
- If you receive a suspicious mail forward it to firstname.lastname@example.org