In normal times technology is seen as being our friend. Business rely upon it for information gathering and dissemination and it is hard to remember times before the internet, email and social media. However, at times of crisis, while technology can be a positive force in enhancing our ability to manage the situation, it can also present some significant challenges. The current Coronavirus/Covid 19 situation is a case in point.
The website factcheck.org has made a number of recommendations to help people double check sources of information, outlined below;
- CONSIDER THE SOURCE
Click away from the story to investigate the site, its mission and its contact info
- READ BEYOND
Headlines can be outrageous in an eﬀort to get clicks. What’s the whole story?
- CHECK THE AUTHOR
Do a quick search on the author. Are they credible? Are they real?
- SUPPORTING SOURCES?
Click on those links. Determine if the info given actually supports the story
- CHECK THE DATE
Reposting old news stories doesn’t mean they’re relevant to current events
- IS IT A JOKE?
If it is too outlandish, it might be satire. Research the site and author to be sure
And it’s not only fake news challenges that technology brings. When people start to panic, it is an ideal time for unscrupulous and indiscriminate criminal organisations to try and take advantage of their vulnerability.The UK police National Fraud Intelligence Bureau recently reported that, since February they had identified 21 reports of fraud where Coronavirus was mentioned, with victim losses totalling over £800k.
The National Cyber Security Centre provides the following advice in relation to suspicious emails;
- Many phishing emails have poor grammar, punctuation and spelling.
- Is the design and overall quality what would you’d expect from the organisation the email is supposed to come from?
- Is it addressed to you by name, or does it refer to ‘valued customer’, or ‘friend’, or ‘colleague’? This can be a sign that the sender does not actually know you, and that it is part of a phishing scam.
- Does the email contain a veiled threat that asks you to act urgently? Be suspicious of words like ‘send these details within 24 hours’ or ‘you have been a victim of crime, click here immediately’.
- Look at the sender’s name. Does it sound legitimate, or is it trying to mimic someone you know?
- If it sounds too good to be true, it probably is. It’s most unlikely that someone will want to give you money, or give you access to a secret part of the Internet.
- Your bank, or any other official source, should never ask you to supply personal information from an email.
- Try to check any claims made in the email through some other channel. For example, by calling your bank to see if they actually sent you an email or doing a quick Google search on some of the wording used in the email.
More comprehensive advice relating to malware can be found on the NCSC website
A full version of this article will be published in the Spring issue of Resilience Magazine which is free for Members of the EPS.