The pandemic and the 'spamdemic': More cybersecurity tips from an Ottawa expert
OTTAWA -- Remember when Spam was salty tinned ham?
Sure, maybe it was hard on your arteries but it didn’t compromise your identity, your privacy, your devices or your finances.
Ottawa cybersecurity expert John Robinson, President and CEO of Intega IT, a company specializing in protecting small and medium-sized businesses, says he has seen a noticeable increase in spam during the COVID-19 pandemic, causing him to encourage people to protect themselves against more than germs, but a “spamdemic”.
“Everybody’s been bombarded with spam emails and cyber criminals are out there looking for opportunities and preying on people’s cyber fatigue,” Robinson says.
According to Robinson, our vulnerabilities and naïveté are open to exploitation, especially when we are busy multi-tasking and working from home.
“Specifically with business,” says Robinson, “They’re looking to penetrate the company. They (cyber criminals) are looking to put the company in precarious situations by locking up their files and holding them ransom. This is a huge business right now with people working from home. It’s very easy to quickly breeze through and click on the wrong thing and you’re just opening a Pandora’s box.”
These are quick examples of attempted hacks:
This Facebook message spins this story about how someone was hacked and what to do, but that in itself is the hack. If you see this from a friend, alert them to the hack, and that their account has been compromised. Alert the user to change their password.
This spam resulted in a search of an Ottawa restaurant. The restaurant owner was made aware the site has been compromised.
Tips to protect yourself from spam from John Robinson of Intega IT
1. Spam email from legit looking sender:
a. Never reply to spam. You’d comprise your security, expose yourself to malware or end up on a never-ending list of spam emails. If you reply, they’ll put a ‘forward’ reply on your email and it’ll go to whoever has set the trap. They’ll start replying on your behalf and it’ll seem like it’s coming from you.
b. Check the sender, links, attachments and message. The danger is in automatically clicking, thinking it’s legit. Look at the links. It might have a mistake, ends with .info or the wrong extension. The attachments can be either a .zip file or the name of the attachment is different if you hover over it than what it is on screen. Make sure you hover over it to get the true info. Attachments prey on social engineering and on trusting that people are innately curious and will click without thinking. Look at the message for spelling mistakes, bad grammar, generic salutations, and so forth.
2. Eblasts from unknown senders (when you get a barrage of emails from someone you are sure you didn’t sign up with):
a. Avoid ‘unsubscribe’ buttons unless you are familiar with the sender, such as an online store you trust. Spammers use unsubscribe to confirm your email address is active. It could also be a trigger to install malware.
b. Mark as spam and block. You’re just confirming you’re there.
3. Facebook messages on DM that contain a video that says “I can’t believe this is you, is it?” and you’re meant to click:
a. This click will lead to a virus. Look at the message and who’s sending it. You can see a preview of it and what the gist of it is.
b. Just respond and say you’ve been hacked
4. Stop the spamdemic:
a. Create a specific email account for sign-ups, retail, consumer stuff and subscriptions. Then you can sort it under social, consumer and so on. Anything you sign up for, hotels etc, use that one account so you don’t get consumed with spam on the work account
b. Alternatively, create an ‘alias’ account: if you are normally firstname.lastname@example.org, create one that has a dot in it, like email@example.com and it’ll still go to the same account, but you’ll know if it’s attached to spam or not.