As Coronavirus spreads globally and impacts our health, lifestyle, and economy, cyber criminals are finding opportunity. Businesses around the globe are reporting an uptick in cyber threats as the virus spreads; some organizations have seen targeted phishing or cyber scams rise as high as 40%.
Phishing and cyber scams are increasing as cyber criminals exploit weaknesses in remote work environments and employees’ interest in information.
For many of us, the way we work has already changed. For employers, office buildings have quickly closed, and IT teams are being asked to deploy an infrastructure that allows their employees to work securely and productively from a home environment. For employees, many are being asked to work remotely for the first time with fewer home cyber-security defenses in place than the typical office environment.
In addition, as with past times of stress or distraction, employee cyber security guards are weakened by interest in information. People are more susceptible to a phishing attempt if it is relevant to their interests, especially in times of uncertainty.
Cyber criminals have quickly taken notice of these factors and have begun to launch phishing attacks on individuals and businesses.
Recent cyber attacks tend to form under the guise of informational health emails. One detected phishing scam was an email that promised information on how to protect yourself from the spread of the virus. By using urgent or sensationalized language, cyber criminals prompt the receiver to act quickly. Once the receiver enters credentials on a malicious link or downloads an attachment, the computer and network become compromised.
Cyber criminals may also be exploiting known email addresses or domains to target a specific group. A cyber criminal may create an email appearing to come from HR that directs employees to malicious sites instead of important employee information. In addition, in a remote environment, it is not as easy for an employee to quickly sanity check an email with another employee prior to clicking a link or downloading an attachment.
In order to protect your organization and combat these malicious phishing attacks, employers must ensure that cyber security remains a priority and remain vigilant against attacks, even in times of transition.
For more information on how to stay safe when working remotely, read our 6 Tips for Staying Secure when Working from Home.