As the world scrambles to deal with the coronavirus (COVID-19) pandemic, social distancing is the best solution we currently have at our disposal to contain the spread of the dangerous virus. For most organizations, companies, and government agencies, this means they must recommend or instruct their employees to work from home and avoid congregating at offices, where they risk becoming exposed to coronavirus contamination.

But while remote working provides much-needed protection against COVID-19, it will also open a Pandora’s box of cybersecurity and privacy threats. Among the growing threats are phishing scams, social engineering attacks that trick their victims into downloading malware or revealing sensitive information.

Attackers usually take advantage of chaos and confusion to make their phishing emails look more convincing. And the coronavirus crisis is one of the most confusing times we’ve been going through in the past decades, creating the perfect storm for phishers.

According to Barracuda Networks, phishing attacks have seen a 667-percent surge from February to March, as the coronavirus spread took on pandemic proportions and many countries are imposing city-wide quarantines and lockdowns.

Here are a few tips to stay safe as you adjust to your new work environment and culture.

The COVID-19 lockdown has made you a more valuable target

Before considering your own security and privacy threats, you need to look at things through the eyes of the attackers. Cybercriminals are always preying on unwary users, tricking them into clicking on malicious links or downloading malware-infected attachments. But in general, attackers go after targets that provide the most value and are easier to target.

Read: [Is it ethical to buy non-essential items online during the coronavirus lockdown?]

Previously, attacking you in your home would provide hackers access to your personal documents, home security camera feeds, and smart home devices.

But with home networks becoming professional work environments during the coronavirus lockdown, cybercriminals have a much bigger incentive to target them. Now, breaking into a home network can potentially provide a gateway for hackers to steal valuable business data or gain a foothold into the remote work network.

Therefore, the first security preparation measure for the COVID-19 work-from-home is to acknowledge the reality that you’ve become a much more valuable target.

Beware of coronavirus-related phishing attacks

Any email that claims to provide COVID-19-related information should be eyed with suspicion. Things such as news about the coronavirus cure, or a downloadable guide to avoiding contracting the virus are perfect guises for phishing attacks. Be very careful of such emails, especially if they contain attachments or external links.

Don’t forget: Your main source of information about COVID-19 should be official bodies such as the World Health Organization or your national health authority, such as the CDC or the NHS.

But you should exercise caution even when dealing with official sources.

Earlier this month, security researchers at Sophos spotted phishing campaigns that impersonated WHO officials. One email claimed to provide safety measures against the novel coronavirus. The email contained a link to a clone of the WHO website, but which contained an extra detail: It asked for your email password.

Security Tip: A public information website should never ask for your email password. At most, they might ask for your email address to send you newsletters. In these trying times, my general advice is to directly get your information from the WHO coronavirus page instead of clicking on email links.

Another phishing attack was targeted at Italy, where the infection and death toll have been alarmingly high. The email contained a message that apparently came from an Italian WHO urged the users to download the attachment, a Word document that contained ransomware, a type of malware that encrypts the files on your computer and keeps you locked out until you pay a ransom to the attacker.

coronavirus phishing attack targeting Italian citizens