Businesses and employees are urged to be vigilant as online attackers use Covid-19 as route to crime.

Businesses are warned to remain alert to phishing attacks during the pandemic. 

A record number of attacks united by a single theme - Covid-19 – is currently underway, according the British Standards Institute (BSI). 

HMRC has issued a similar warning at a time when many employees are working unsupervised from home and people are often worried or vulnerable.

Several false web domains relating to Covid-19 have been registered and are being used to link to phishing and credential attacks such as obtaining personal and bank details.  

In the UK, phishing campaigns include BEC (Business Email Compromise) threats when the attacker pretends to be a colleague or someone you know requesting a payment to be made. 

These types of emails can also include ransomware and malware disguised as links to click for further information about meetings or company updates. 

Other threats come from attackers mimicking charities, health organisations, HMRC (commonly offering a tax return) or government (tempting victims with financial support).  

Stephen Bowes, security and information technology expert at BSI, says the threat is a global one with Interpol involved.

“World events like Covid-19 provide vast opportunities for cyber attackers to infiltrate companies and gain user data such as login credentials or financial information,” he adds. 

“Phishing is one of the highest causes for cybercrime and all online users, in work and at home, need to be alert as cases of fraud are rising during this time.” 

Employers and employees should remain vigilant, be aware of increased risks and be sure to get information from reputable sources,” he added.

“Don’t get caught off guard by clicking on links in emails,” he adds. “If in doubt about the legitimacy of an email that is requesting a payment or specific action, contact the sender by phone to get verification first.” 

Design vector created by freepik -