A recent survey reveals significant concerns from the UK public over cyber-security implications introduced by the new COVID-19 contact tracing app, currently in trial.
In a recent survey conducted by Censuswide on behalf of cyber-security solutions provider Anomali, over 1,000 UK citizens were asked for their views on the potential impact of the new contact tracing app. Almost half of respondents (48%) expressed serious concerns that the app would be exploited by cyber-criminals. Almost the same number (43%) were convinced social engineers would use the app (or fake versions of it) for phishing attacks.
The numbers, while concerning, are not overly surprising. Historically, hackers will use any event, product or organisation with plenty of news coverage as a disguise for their malicious campaigns. This has been made glaringly evident by the enormous increase in phishing attacks during the COVID-19 pandemic and how many of them have used the coronavirus as the main theme.
The strongest defence against bogus emails is user understanding, knowing what to look for and how to recognise phishing emails. The unfortunate reality as of writing this is regular internet users do not yet know where the Contact and Trace app will be coming from, so will not have an obvious reference as to whether an invitation or download link is real.
“At this stage, nobody knows where to get the NHSX app from, so it can be reasonably expected that consumers will be faced with floods of emails with bogus links to convincing looking domains to download the app from.
There is also the danger of smishing attacks; similar to a phishing attack, but the phish is done via SMS message. Due to the smaller screen real estate, people will be less able to check the veracity of the link so will be more trusting and might click it”Jamie Stone – Head of EMEA, Anomali
The necessity for users to receive effective and regular cyber awareness training is unquestionable. Users require education in order to maintain their own security and the security of the organisations they work for.
At Phishing Tackle, we urge all our readers to focus on raising the levels of cyber awareness within your organisations. We have even created several free tools to help you achieve this, most popular is our Free Click-Prone® Test, which reveals how many of your users are susceptible to falling for a modern phishing attack.
Whatever method you choose, make this trying time a time of education and knowledge building. Don’t let your organisation become the next entry in an increasingly long list of phishing victims.