While working from home has its perks, what many of us don’t realize is the fact that we’re a more enticing target for hackers while connected remotely to a company’s network. And now that almost two thirds of the U.S. workforce are working from home, hackers have an even greater opportunity to infiltrate work computers with scams and other security risks.
Sure, your company network likely has plenty of safeguards in place that protect against hackers and scammers who are looking for access to valuable company data and resources. But when you’re on your home network, you’re less protected against those threats. That’s why remote workers are the most likely to fall prey to hackers and scammers.
People Adapt to Working from Home
While working remotely allows us to cut out that dreaded commute, it unfortunately has made more people vulnerable to cyberattacks. Take the federal government, for instance. According to CNN, the pandemic has proven to be a big test for government computer systems as 70 to 90 percent of federal officials are working from home – a figure that is up from just over a third of remote federal employees in 2017. However, not all government agencies use VPNs anymore, instead preferring the use of cloud-based applications and services. Yet, experts note that while the use of virtual desktops is widespread, at least 25 million Americans do not have broadband internet at home, thus creating problems for telework. And when the work they do is extremely sensitive in nature, they may not be prepared to take it home.
Federal workers who belong to the intelligence community are experiencing some of the greatest difficulties in working from home. And though agencies and have made leave policies more flexible and enacted safety measures, according to experts, for the U.S. at large, the security issues associated with teleworking are an enormous vulnerability.
Types of Scams
How can you prepare yourself against these seemingly nebulous threats? According to PC Magazine, in times of the pandemics like the coronavirus, it’s best to watch out for…
1. Phishing scams
No, we’re not talking about going out on the lake to fish for trout. In fact, the past few weeks have witnessed a sharp rise in phishing scams directly related to the coronavirus. Hackers are using the pandemic to send emails that trick users into revealing important personal data, trick users into clicking on malicious links, and downloading malware-infected files. According to the Seattle-based information security company DomainTools, hackers are increasingly creating coronavirus-related websites, apps and tracking tools meant to lure those who are simply seeking information — but which actually spread malicious software that can lock your device. Many of these scams are targeting people studying from home or people working remotely. The senders might act as university personnel offering updates about closures or IT staff following up on technical issues. Look out for people asking you to provide your account credentials in order to carry out a technical procedure or install an app on your computer. You should also be careful while checking your work email. If you open a message that contains a call to action, use another means to verify the claim, like a phone or an alternate email address. Check with your colleagues to see if they’ve gotten similar emails or reach out to your company’s IT department to see if they sent the email. An easy way to verify links is to hover over them to check their destination address. If you don’t know where the address is pointing, don’t click on those links.
2. Keep security tools updated
Not only should you look out for phishing scams, but the past few weeks have seen a rise in malware targeted at remote workers. Many of these schemes have keylogger components or software that secretly registers key presses and sends them to the control servers of the hackers. This data is then used by hackers to find username and password combinations. The malware is usually delivered through seemingly legitimate applications or as part of a phishing campaign. Watch out for messages that urge you to download and open attachments. If you happen to open these attachments, you need to utilize an endpoint security tool such as a reliable antivirus solution that provides web, virus, and phishing protection. Always keep this software updated.
3. Increase your accounts’ security
Hackers are looking for your financial and business accounts. Once they take over these accounts, they have the ability to drain money from your bank account, steal company data or pose as you and stage attacks on your coworkers. One of the most obvious ways you can prevent hackers from accessing this information is to use strong passwords. Further, you can enable two-factor authentication, which might require you to input a one-time password, physical key or fingerprint once you’ve logged in. While two-factor authentication might seem tedious, it comes in handy if you fall prey to a phishing scheme, accidentally install malware on your computer, or give your login credentials to the wrong person. With 2FA, hackers might be able to access your password, but they can’t login into your work account.
4. Separate your work life from your personal life
It seems logical, but for some, keeping professional and personal lives a part doesn’t cross their minds. For instance, if you have more than one laptop, make sure you use one for work and one for play. This ensures that if your personal devices are hacked, this mishap won’t spill into your professional life. If your work has the resources, ask them for an extra device to prevent these types of misfortunes. Further, if you can, use a VPN on the device upon which you work. By encrypting your network traffic, VPNs prevent potentially insecure devices present on your home network from being able to surveil your work activity.
5. Encourage your coworkers to utilize good cybersecurity habits
A single compromised device has the ability to infect an entire organization. Encourage your fellow employees to adopt basic processes such as those listed above to stay safe from hackers as the coronavirus lockdown continues.
Stefanini Provides Security
Ensure your employees are secure. We offer a wide variety of solutions to support your cyber security measures, including the ability to track user actions, malware, enable security on BYOD, and more. They include:
· Security monitoring and incident management
· A security posture assessment
· Forensics operationalized
· Intelligent security
· Risk and threat management
· Compliance automation and reporting
· Centralized log management
· Security analytics
Looking for other work-from-home solutions? Learn more about our W@H package today and set your employees up with the tools needed to be successful and remote.