Operations Memo

OM_2020-04; Cybersecurity and Exploitation of the COVID-19 Pandemic

For more information, contact:

Advisor Services Team

Date Issued:

April 3, 2020

As we rely on technology to work from home and remotely service clients to maintain social distancing, there is an increased risk of cybersecurity events.

The confusion and evolving circumstances surrounding COVID-19 has created an environment that cybercriminals are already attempting to exploit.  As a result, the number of cybersecurity threats is increasing including an increase in phishing attempts, attempts that use the names of securities regulators and government agencies.

Some details include:

  • A phishing email campaign disguised as a public service announcement from the World Health Organization (WHO) about COVID-19. When the email button is clicked it brings the target victim to a fake landing page that looks like the real WHO page, with a malicious login designed to collect your email password.
  • More than 4,000 website domains related to this outbreak have been registered since January 1, 2020 with 3% to 5% of those sites being confirmed or suspected of being malicious.
  • The distribution of malicious software trojans have also been reported on COVID-19 related emails. These are designed to deliver various forms of ransomware and other malicious tools to achieve data theft, extortion or operational disruption.

What can you do

It is imperative that we continue to protect ourselves against cybersecurity threats and consider the unique threats that the current environment has created.

Be aware of the threat

  • Do not open any email attachments you are not expecting.
  • Do not click on unknown ads or links in emails or on websites that you are unfamiliar with, especially on a topical issue such as this current novel coronavirus related to protective gear such as masks, cures, or spread information.
  • Do not open any attached files with .exe extension. When in doubt, don’t click on the file.o Be immediately wary when you are asked to give passwords or any information for any reason, other than the known and trusted site for which they are intended.
  • If you receive an email that appears to be from a known or trusted site, do not login by clicking on the email link. Log in separately to access the site by opening a web browser and using a known site address.

Protect your computer

  • Ensure you have a fully patched computer, operating system, office suite, web browser, utility apps like Adobe and Java, and a powerful and up-to-date anti-malware suite.
  • If it appears you have been attacked by ransomware, disconnect your system from your network and the Internet, and contact advisor services immediately. They will arrange to have our IT services contact you.

Know how to spot a fake email and landing pages

  • Note any spelling and grammatical errors.o Watch for buttons or links to non-secure sites (http://) (vs secure sites (https://))
  • Observe and separately confirm if a link goes to the real site you are intending to visit.
  • Be wary of pop-ups asking to verify your email, password or other information the site should already know.
  • Carefully check the email address of the sender and see if it is congruent with the rest of the information
  • Look for information that is vague, generic or outright not applicable to you, for example:
  • Credit card starting with …. and lists the first 4 digits of the card (All credit cards of a given type issued by an issuer have identical first 4 digits)
  • Dead uncle but no name (Anonymous people don’t leave millions of dollars for someone they don’t know or haven’t been in touch with ever)
  • An immediate demand for money without any avenue to discuss or appeal (CRA etc. will mail letters, contact the indebted, will explain all options including the right to appeal)
  • The threat of police or imprisonment -- ignore all such threats and delete
  • Filing of a lawsuit but asking for information – ignore all such communications and delete
  • Your bank asking for information from you – ignore all such communications and delete

Go only to known and verifiable sources of information

Reliable sources of information for the spread and protection from COVID-19 include:

As always, if you have questions or comments, contact the Advisor Services Department by email at advisorservices@gpwealth.ca.