Cybercriminals are opportunist predators and right now they are exploiting fears and concerns about COVID-19 in order to get people to click on links, open attachments, or give away confidential information in response to a message that is delivered in an email.
Unless you already had a remote workforce before the COVID-19 pandemic, the way you set up your employees to work from home may have inadvertently exposed your company to security risks. While some risks emerged because your people are not working inside your corporate perimeter anymore, other risks have always been there, but their importance has increased.
An accounting clerk gets an email from the CEO of his company. He thinks it’s a little strange, but he proceeds to follow the instructions in the email to purchase several gift cards and reply back with the gift card ID numbers. When the clerk goes to the CEO a day later to ask about getting reimbursed for the gift cards, the CEO says, “What gift cards?”
If only the clerk had looked a little closer at the email address.