7 Ways COVID-19 Has Changed Our Online Lives
The pandemic has driven more of our personal and work lives online – and for the bad guys, business is booming. Here's how you can protect yourself.
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltce023a004db8ff8f/64f0d447f4a5c53145cb6854/1.jpeg?width=700&auto=webp&quality=80&disable=upscale)
Millions of us have been bound by stay-at-home orders due to the COVID-19 pandemic. In turn, the number of us participating in online shopping, videoconferencing, telehealth calls, and online learning has increased exponentially. It seems like we're all looking for clever ways to share music or watch movies remotely with friends.
But another reality we all must face: Business has never been better for the bad guys because there are so many more people to attack. For example, TransUnion found a 23% increase in e-commerce once social distancing became widespread and the World Health Organization declared COVID-19 a global pandemic.
The fallout includes a rise in business email compromises, according to the FBI. And the Transunion research found 22% of Americans 18 years and older have been targeted by digital fraud related to COVID-19.
"There's so much more traffic right now, and the fraudsters look for these kinds of high-volume events the same way they do during Black Friday or Cyber Monday," says Angie White, senior product marketing manager at TransUnion.
To be sure, the security implications of our increased online lives have gone mainstream. We have to do our own blocking-and-tackling tasks, such as performing frequent security updates, changing default Wi-Fi passwords, and segmenting home networks. Also on the to-do list: enabling two-factor authentication (all managed cloud apps have this option, says Nico Fischbach, global CTO at Forcepoint, adding a VPN on phones, and watching out for account takeovers, White says.
For this feature, we take a look at what people are doing online and the related security implications, and offer tips for how to stay safe. We welcome readers to offer up any other tips that will keep the community safe online.
Whether it's for groceries or commodity electronics items, always be sure which company you're giving information to, says Logan Kipp, director of sales engineering at SiteLock. For smartphone food takeout apps such as GrubHub or UberEats, always access them through a trusted source, either Google Play or Apple's App Store.
Ken Liao, vice president of cybersecurity strategy at Abnormal Security, says the bad guys will try to take advantage of scarcity by sending phishing emails disguised as promotions for hard-to-get items, such as toilet paper, hand sanitizer, and paper towels. Also, be on the lookout for counterfeit items, he says. Now that we are in the spring allergy season, people may order their antihistamine of choice online and wind up receiving counterfeit items.
We may have learned this during past Black Fridays or Cyber Mondays, but be sure not to click on the links to promotions. If you are interested in an item, go to the specific company website and check to see whether the promotion is real. It always makes sense to order from the corporate site. One last online shopping tip: In these times, try to do business with companies you normally do business with. If a company you never heard of sends you an email, question why it has your email address in the first place.
These are torrid times for Zoom. Ever since stay-at-home orders were issued, Zoom and other videoconferencing platforms have become very popular. In a short period of time, Zoom's user base went from 10 million to 200 million at the end of March. People are using Zoom for everything from their corporate meetings to online classrooms to get-togethers for religious organizations and choral groups.
Of course, the party's come to a bit of a halt as various news organizations have reported security flaws in the Zoom platform. "Zoom bombing," when hackers access a meeting and write racial or ethnic epithets on the whiteboard, has already become a part of the general vernacular. And along with vulnerabilities discovered in the Zoom client for the MacOS, Check Point reported that attackers have registered more than 1,700 Zoom-related domains worldwide.
Most of the stories have focused on the flaws as opposed to solutions for people. There are a couple of things people can do. Abnormal Security's Liao says people shouldn't make their Zoom meetings open. For both the free and premium editions, it's possible to issue a meeting ID along with a password. For most meetings, it's better to send people the meeting ID and password rather than a meeting link. Organizations should also refrain from posting meeting links on their websites. If you have to use a link for meetings with 25 or more people, email each person a link. When organizations post public links, hackers can gain instant access.
Tom DeSot, executive vice president and CIO at Digital Defense, advises companies, nonprofits, and schools to refrain from using Zoom until the company corrects the various security vulnerabilities. He recommends trying another videoconferencing platform, such as GoToMeeting, Microsoft Skype or Teams, or Cisco WebEx. For personal use, he says, it's fine for people to hold family meetings or meetings for community organizations on Zoom. Just don't discuss the family will or tax issues.
Another important tip: Just because the green light is off doesn't mean the camera isn't watching. Either put a camera cover or a piece of tape over the lens while you are not using the camera.
Many hospitals around the country are at capacity, so telehealth has become a very viable option for patients who need a doctor for a non-emergency reason. SiteLock's Kipp says much like the IRS will never call you out of the blue, neither will a medical office. Don't take a call unless you have set up an appointment in advance. Don't give out any information unless you are the person who's initiated the call.
Also, be aware that fraudsters are impersonating medical companies looking for personal medical and other sensitive information. Don't give out any information unless you are really sure it's your doctor's office or the company that administers the telemedicine application.
Taxpayers need to look out for scams focused around the stimulus bill, as well as general financial scams. For example, Abnormal Security's Liao says people should not click on any email that offers money in exchange for personal information.
Anyone who filed their 2019 taxes and has an account with the IRS will automatically receive a stimulus check in the next few weeks. There's no need to fill out any other paperwork. As for unemployment insurance, it's best to file online in the state where you worked. While there have been issues with the various state agencies getting overloaded by the millions of claims, there's no reason to be duped by nefarious hackers looking to prey on those who may be desperate to come up with money to pay rent or put food on the table.
Another scam to be aware of: offers coming in the mail and through email asking you to sign up for credit cards or credit lines for $5,000 or $10,000 so you can make it through the next month or two, Liao says. In many cases, they are not even credit card companies that offer six months of low interest, then charge high interest rates. Rather, they are scammers looking to steal your personal information and sell it for profit on the Dark Web.
Schools and colleges are now relying on online classrooms -- and this presents some real challenges for parents, especially those who are juggling working from home and keeping track of the online habits of their kids.
SiteLock's Kipp says parents can start by enabling the parental controls on all devices in the house -- TVs, laptops, tablets, gaming devices, etc. Most routers issued by carriers also have a content filter option, which can be used to develop whitelists and blacklists. Cell phone carriers also have plans that limit cell phone time, which can help control a child's screen time during this stay-at-home period.
For more information and ideas for parents of K-12 students, here's a link to EDUCAUSE's COVID-19 page and a link to the International Society for Technology in Education's page.
Here's one important rule for this new app that lets people remotely watch Netflix movies together: You can only get Netflix Party via the Google Chrome browser on a laptop or desktop. This will undoubtedly evolve, but for now you have to get creative. If you have a Fire TV, for example, here's a short video that will let you install the Chrome browser on your Fire TV.
For those running Netflix Party on your TVs, all Internet of Things (IoT) security rules apply, SiteLock's Kipp adds. It's best to think of your TV as a computer now. If the TV prompts you to update the firmware, be sure to do it. And take care of any security updates. If you are connecting the TV with wired adapters (the old-fashioned way), be sure your computer is fully updated; otherwise you can infect your TV. Kipp also advises having Netflix Party sessions in your main family room. Even when the apps on your TV are turned off, you can never be too sure prying eyes aren't watching you.
Here's a good recent story on how to install NetflixParty.
During this stay-at-home period, many of us are upping our social media games. Musicians, for example, have taken to streaming more to continue performing and teaching. You don't need to be a pro. Just about anybody with an instrument and a cell phone can offer up a new song in a short three-minute video.
People are also sending many more messages via Facebook Messenger than they have in the past. Most people have hundreds of "friends" but are not in close touch with all of them. However, don't trust such a message unless you are sure it's really the right person. Even if it's a good friend or business acquaintance, better to call or email them to be sure they sent you the message. These messages are breeding grounds for phishing scams and malware injections.
Abnormal Security's Liao says people should take this time to review all of their friends and delete the ones on the periphery. Also, set up groups so you can better control the people making comments on your posts. Even when making comments in smaller, subject-matter-oriented groups, don't give away any personal information. Don't ever let people on Facebook or other social media know your address, Social Security number, or any medical information. And as much as it might make you feel better, if you get sick, don't share your personal health status. Be smart and more cautious than normal. Fraudsters are just waiting to take advantage.
During this stay-at-home period, many of us are upping our social media games. Musicians, for example, have taken to streaming more to continue performing and teaching. You don't need to be a pro. Just about anybody with an instrument and a cell phone can offer up a new song in a short three-minute video.
People are also sending many more messages via Facebook Messenger than they have in the past. Most people have hundreds of "friends" but are not in close touch with all of them. However, don't trust such a message unless you are sure it's really the right person. Even if it's a good friend or business acquaintance, better to call or email them to be sure they sent you the message. These messages are breeding grounds for phishing scams and malware injections.
Abnormal Security's Liao says people should take this time to review all of their friends and delete the ones on the periphery. Also, set up groups so you can better control the people making comments on your posts. Even when making comments in smaller, subject-matter-oriented groups, don't give away any personal information. Don't ever let people on Facebook or other social media know your address, Social Security number, or any medical information. And as much as it might make you feel better, if you get sick, don't share your personal health status. Be smart and more cautious than normal. Fraudsters are just waiting to take advantage.
Millions of us have been bound by stay-at-home orders due to the COVID-19 pandemic. In turn, the number of us participating in online shopping, videoconferencing, telehealth calls, and online learning has increased exponentially. It seems like we're all looking for clever ways to share music or watch movies remotely with friends.
But another reality we all must face: Business has never been better for the bad guys because there are so many more people to attack. For example, TransUnion found a 23% increase in e-commerce once social distancing became widespread and the World Health Organization declared COVID-19 a global pandemic.
The fallout includes a rise in business email compromises, according to the FBI. And the Transunion research found 22% of Americans 18 years and older have been targeted by digital fraud related to COVID-19.
"There's so much more traffic right now, and the fraudsters look for these kinds of high-volume events the same way they do during Black Friday or Cyber Monday," says Angie White, senior product marketing manager at TransUnion.
To be sure, the security implications of our increased online lives have gone mainstream. We have to do our own blocking-and-tackling tasks, such as performing frequent security updates, changing default Wi-Fi passwords, and segmenting home networks. Also on the to-do list: enabling two-factor authentication (all managed cloud apps have this option, says Nico Fischbach, global CTO at Forcepoint, adding a VPN on phones, and watching out for account takeovers, White says.
For this feature, we take a look at what people are doing online and the related security implications, and offer tips for how to stay safe. We welcome readers to offer up any other tips that will keep the community safe online.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024