Emergencies and cyberattacks are hard enough on their own. But disasters bring out the worst in cybercriminals, and if an event can be exploited, you can be sure that a hacker is going to do so. Whether you’re dealing with a recession, flood, or pandemic, it’s important to keep an eye out for scams that take advantage of emergencies.
From infected links to PDFs containing viruses, here are three types of scams you’ll likely see during an emergency:
The scarier something is, the more we want to know about it. It’s human desire to learn, and when something poses a threat to our well-being, it only makes sense that we’ll start researching. For this reason, hackers often email links that they claim are somehow related to an emergency. As an example, they might say, “This link leads to new statistics about the recent forest fire,” or “Click here to donate to a fundraiser for hurricane victims.”
Obviously, these links don’t actually take you to an article or fundraiser. Instead, they’ll cause you to download a virus, and you might not even realize it’s happened! In these instances, the hackers have exploited your fears and sadness to make you click an infected link. And if they were able to take advantage of your negative feelings, they’ll exploit your positive feelings, too.
When things are at their darkest, we all cling to whatever light we can find. Scammers understand this, which is why they’ll often hide malware in optimistic “We found a cure” or “Watch a community come together” emails. Like with the first scam, these emails are meant to trick you by taking advantage of your emotions. And because emotions tend to be at a high during emergencies and cyberattacks, these scams have an unfortunate tendency to work.
If it wasn’t bad enough already, these scams add insult to injury—not only will your computer become infected, but you’ll soon realize that the news wasn’t even real. That momentary hope of things improving will be replaced by resignation. Essentially, the hacker will have tricked you twice. All because of emotions.
Like the first two scams, this third type involves emotional manipulation. Sure, stress-based scams are similar to fear-based scams. But they might not reference the emergency going on at all. Thus, they’re harder to keep an eye out for, since they can mention nearly anything.
If you’re already stressed out by an earthquake or illness, chances are you won’t be fully attentive. Scammers know this, so you’ll see an abundance of “Your bank account’s been hacked” or “Click here to win $500” phishing scams. Thus, while looking out for emergency-specific scams, you’ll also need to be extra aware of “normal” scams. Hackers don’t care which of their tactics work, and they’ll try multiple ones if it means succeeding.
Emergencies and cyberattacks go hand in hand; when emergency hits, it’s easy to let our emotions overwhelm us. And when we’re emotional or distracted, it’s easy for hackers to attack. But by understanding these increased risks and emergency-specific scams, the chances of a successful hacking attack dwindle. So, stay aware, ask questions, and continue using cybersecurity best practices—especially during an emergency, but throughout the rest of the year as well.