Coronavirus - Cyber-attacks during COVID-19 – Spain

Due to the COVID-19 pandemic and the legislative measures adopted, many companies have been forced to implement teleworking measures or to intensify the use of the systems they already had.

This, added to the confusion caused by the pandemic itself and the news bombardment to which we are subjected, has led many groups of cybercriminals to take advantage of the situation. Or, more precisely, to use information on COVID-19 to distribute malware.

Our IT director, Manuel Asenjo, had already warned us about this situation in his report, Law firms take precautions against coronavirus and cyber-attacks published by Confilegal on 9 March, in which he detailed how groups of cybercriminals in Japan were taking advantage of the information about 'the outbreak' to spread malware.

Fraudulent emails during COVID-19

Now, it is the INCIBE (the Spanish "National Institute for Cybersecurity") through its publication of March 18, which is warning us that a campaign consisting on sending fraudulent emails has been detected. In these e-mails, the criminals supplant the identity of companies or health authorities, taking advantage of the large number of news items generated daily and also of the numerous legislative developments and changes in different organizations COVID-19 is causing.

The importance of this alert cannot be overstated, since this malware can affect the equipment and systems of any self-employed professional, employee or company that uses email in their daily activity. Therefore, it is essential to take extreme security measures and caution in this regard.

Cyber-attack solutions during COVID-19

Our recommendation is to extreme the security measures of the systems and to warn the employees to be alert. It is also important to inform employees about the protocols and internal procedures in case of detecting any suspicious emails and in case of cyber-attacks.

It is very important we carefully check our mail.

However, if any employee has received such an email and has accessed a link and entered their access credentials, they should change their password as soon as possible and immediately inform the company. Likewise, the password in question must be changed in all the services in which it is used.

If you are interested in obtaining more information about this, you can check the alert entitled Distribution of malware linked to Covid-19 impersonating several companies published by INCIBE, which contains a series of guidelines and recommendations to avoid becoming a victim of this type of fraud.