Back
Cyber Security Training & Software for Companies | MetaCompliance

Products

Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters

Back
Industry

Industries

Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 


Financial Services

Creating A First Line Of Defence For Financial Service Organisations

Governments

A Go-To Security Awareness Solution For Governments

Enterprises

A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives

Back
Resources

Resources

From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

Back
MetaCompliance | Cyber Security Training & Software for Employees

About

With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes

Leadership

Meet the MetaCompliance Leadership Team

MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Covid-19: Why Cyber Security

Covid19awareness

about the author

Share this post

Since the outbreak of the Covid-19 crisis, cybercriminals have wasted little time in exploiting the pandemic. In this time of uncertainty, coronavirus has led to a surge in cyber attacks, phishing scams and malicious activity, making Cyber Security awareness more important than ever.

Scammers Cashing in on Covid-19

In recent weeks, numerous scams have emerged as criminals seek to take advantage of the public’s concerns, ranging from how to reclaim money lost on holidays, to applying for financial support due to school closures.

According to Google, scammers are sending 18 million Covid-19 related emails to Gmail users every day in an attempt to persuade victims to download malicious software, steal sensitive information, or donate to fake causes.

In the last month, the National Cyber Security Centre (NCSC) has also reported that more than 2,000 online scams related to coronavirus have been identified and removed. In a bid to crackdown on fraudsters and phishing scams, the NCSC has taken down 471 fake online shops, 555 malware distribution sites, and 832 advance-fee frauds, where a large sum of money is promised in return for a set-up payment.

While the threat of Covid-19 builds, so too does the risk of attacks by opportunistic criminals aiming to exploit a society in lockdown. With the sudden shift in circumstances, and more people working from home than ever before, the Covid-19 crisis has presented ideal opportunities for cybercriminals.

Phishing and the Covid-19 Pandemic

As the public seeks information about the global pandemic, coronavirus phishing attacks have exploited recent news developments and government announcements. 

The National Fraud Intelligence Bureau (NFIB) has reported a 400% increase in scams as a result of coronavirus-related phishing attacks.

Recent campaigns have also seen cybercriminals creating fake websites and emails masquerading as legitimate authorities such as the World Health Organisation and HMRC to infect devices with malware, steal personal information, and compromise accounts. 

The most prevalent scams are those promising to share tips on how to avoid being infected, offer advice about financial support, provide updates on the spread of the virus, and access to personal protective equipment. 

By encouraging users to act quickly and by provoking curiosity and fear, some studies have shown the click rate on phishing attacks has risen from less than 5% to over 40%  with coronavirus scams.

Combatting Business Email Compromise During a Crisis

Amid a sharp rise in coronavirus-related phishing attacks worldwide, business email compromise attacks are now considered one of the biggest threats facing companies. 

According to Gartner, BEC attacks are expected to double each year to over $5 billion by 2023, leading to large financial losses for enterprises by 2023.

Although relatively low-tech and simple to execute, these sophisticated scams not only cause crippling financial losses but they also impact relationships, organisational reputation, and stakeholder trust.

In February, a study found that BEC attacks increased by almost 25% and ranged from CEO fraud to fake invoices and compromised employee email accounts. To further leverage Covid-19 fears, fraudsters have been cashing in by asking organisations to contribute to bogus charities and invoicing for cleaning products and PPE.

Covid-19 and Video Conferencing 

Like any technology, if not properly managed, video conferencing poses risks to the privacy and the security of our personal information. As people and businesses have become increasingly reliant on video conferencing to stay connected, fraudsters have been quick to exploit the opportunity. 

This has resulted in a surge of incidents whereby hackers have gained unauthorised entry to video conferencing calls and eavesdropped on private conversations, hijacked screen controls, and launched an array of malicious attacks.

Earlier this year, security concerns were raised when the Zoom ID of a UK cabinet meeting was shared in a social media post. Along with the ID, the usernames of some of the cabinet ministers were also listed, which enabled cybercriminals to access the private meeting.

The Washington Post also reported that thousands of recorded Zoom meetings are viewable online, including therapy sessions, financial meetings, telehealth calls, and school classes that exposed the faces and other details about children.

Although most video conferencing applications have controls that can be configured to mitigate such dangers, it also presents a number of additional risks, such as accidentally screen sharing confidential information or having sensitive data on display in the background of the video. With this in mind, user education is vital for creating awareness about video conferencing risks and how to mitigate them.

Coronavirus Smishing Scams

Smishing, or SMS phishing, has experienced a sharp rise as scammers attempt to lure unsuspecting victims with misinformation about the coronavirus outbreak

Recent smishing campaigns have claimed to be from companies that have experienced delays in deliveries due to the coronavirus. Other popular smishing scams have pretended to be from legitimate organisations, such as banks or government departments, to trick people into providing personal and financial information, open a malicious link, or pay money to a bogus cause.

Smishing has grown in popularity as it enables cybercriminals to lure recipients into revealing personal or financial information, without having to break through the security defences of a computer or network. 

Fraudsters recently targeted those in lockdown with a devious Netflix scam that claimed to give away free subscription passes for the platform. The scam had been perfectly timed to exploit the current surge in people turning to streaming services during the isolation period.

With the average person sending 15 texts per day, smishing offers a unique opportunity for these malicious hackers to take advantage of victims who are distracted while working from home, or who are overwhelmed with information about the virus. 

Research has also found that users are more likely to respond to a phishing attack on a mobile device as people are less cautious with text messages than they are with standard phishing scams, which are often blocked by spam filters.

Working From Home Vulnerabilities 

As remote working becomes the new normal, it has also resulted in a growing number of threats for many organisations. In fact, 95% of Cyber Security professionals say they are facing additional challenges, with increased attacks and new work-from-home demands. 

The sudden shift in circumstances has impacted the way that employees access business applications and increased the potential attack surface.

Aiming to take advantage of workplace disruption, hackers have been exploiting a variety of known vulnerabilities in VPNs and unsecured WiFi networks in an attempt to steal valuable information. 

With some workers forced to use personal devices for work tasks, this has also increased the risk of malware finding its way onto devices, resulting in both personal and work-related information being compromised. Often, these devices lack the tools built in to business networks, such as corporate antivirus software, customised firewalls, and online backup tools. The use of personal devices presents multiple opportunities for a hacker to exploit.

In an effort to prevent fraudsters from listening to confidential conversations and conference calls, some organisations are also urging their staff to turn off smart speakers and voice assistants such as Amazon Echo, Apple HomePod and Google Home devices. 

According to a report from Northeastern University, smart speakers accidentally activate as many as 19 times a day, recording as much as 43 seconds of audio each time. Recent research also suggests that 59% of smart speaker users have privacy concerns, with unwanted listening and data collection being front and centre.

Even in normal times, working from home can make employees vulnerable to attacks. However, the current climate has created the perfect storm in which hackers, scammers, and spammers can thrive.

Researchers at Zscaler say, since January, they’ve seen a 15%-20% increase each month in hacking incidents, and an increase in hacking threats that use terms like “coronavirus” or “Covid-19”.

Cyber Awareness is More Important Than Ever

Malicious cyber actors are continually adjusting their tactics to take advantage of new situations, and the Covid-19 pandemic is no exception. As cybercriminals increase their efforts, awareness is the most powerful weapon against these evolving threats and techniques.

Scammers will be quick to take advantage of any lapses in security, and organisations should continue to empower and educate employees to remain vigilant. Cyber Security is everyone’s responsibility, and with so many potential attack points, the key to improving security is to create a culture of cyber awareness.

Free Covid-19 Awareness Assets

In this time of uncertainty, MetaCompliance is committed to supporting organisations mitigate the risk of cyber threats.

To help communicate good cyber hygiene and vigilance, we have created a bank of free digital assets, which you can use to support your communications during this challenging time.

Click here to access your free Covid-19 awareness assets.

Other Articles on Cyber Security Awareness Training You Might Find Interesting