We’re all already pretty used to working from home due to the latest global pandemic, COVID-19 otherwise known as Coronavirus. However, the new reality of having the majority of company workforces working from home has opened up a whole new world of cybersecurity issues and online attacks.
A recent poll of UK companies by the private equity firm Lenore International found that 33% of people lack the infrastructure needed to enable a long-term work from home policy.
We’re all using our computers now more than ever before and most of us aren’t aware of the daily threats we face from new scams, phishing emails and VPN threats that have arised due to the pandemic.
Here at WOT we’ve rounded up the top 5 threats you should be aware of and provided solutions on how to deal with them.
Rise of Malware Attacks
According to the Financial Times, experts from the National Cyber Security Centre, a branch of the signals intelligence agency GCHQ, said web users are in danger of losing money and sensitive data if they’re tricked into clicking on links in bogus emails claiming to contain important information about the pandemic.
Such examples of these types of links include cyber scams by cybercriminals claiming to be from the World Health Organization (WHO) and the US Centre for Disease Control who send fraudulent websites advertising antiviral equipment which turns out to be fake, and attackers seeking bitcoin funding which they claim is for vaccine research.
Additionally, The NCSC has seen an increase in the registration of web pages relating to the coronavirus suggesting that cyber criminals are likely to be taking advantage of the outbreak.
Cyber Security firm Check Point, found that since January 2020 there have been over 4,000 coronavirus-related domains registered globally with 3% found to be malicious and an additional 5% suspicious. The NCSC responded to 658 cyber attacks against the UK in 2019, according to its annual report, and took down links to over 177,000 “phishing” sites.
Analysts are also suggesting that the need to set people up with new laptops in a hurry to meet the need for working from home may cause employers to be taking shortcuts in their cyber security protocols, prompting concerns that companies may be more vulnerable.
Many cybercriminals are exploiting public fears of the novel coronavirus with phishing emails.
As already mentioned, hackers have begun impersonating the CDC and World Health Organization with phishing emails that contain malicious links, allowing hackers to download malware onto a victim’s computer. For example, currently there is a phishing email being sent out under the guise as a list of coronavirus patients from WHO. However, when individuals download the Excel file, a Trojan-Downloader installs a different malicious file.
There are also hackers targeting individuals with phony emails offering healthcare products, including masks.
Companies and individuals alike need to be very vigilant and aware during this pandemic and use the internet with caution while working from home.
With most employees working from home amid today’s COVID-19 outbreak, enterprise VPN servers have now become paramount to a company’s backbone, and their security and availability must be the focus going forward for IT teams.
This means that it is vitally important that the VPN service companies are using are patched and up-to-date. It is also encouraged that companies sift through logs to detect compromises of VPN accounts. Since most employees will now be using VPN systems, they are more likely to fall for phishing attacks that steal VPN account credentials.
In theory, with the proper logging in place, it should now be much easier to spot compromised accounts by looking at irregular VPN usage patterns for each enterprise user working from home. However with so many companies and their employees working from home, there is a new threat on the horizon in the name of extortions.
Hackers could launch DDoS attacks on VPN services and exhaust their resources, crashing the VPN server and limiting its availability.
With the VPN server acting as a gateway to a company’s internal network, this would prevent all remote employees from doing their jobs, effectively crippling an organization that has little to no workers on-site.
Generally speaking, cybercriminals tend to follow, and are after your money, and with shops being closed, retail shopping has taken a dramatic shift to the web. Last month, retailers saw a 26% increase in online payment card skimming malware compared to February, and if that’s not obvious enough, A smaller increase was spotted in February with skimming attempts up a slight 2.6% over January, which coincides with countries beginning to implement stay at home measures to defeat the virus.
But what is card skimming and how does it work? Well, ‘E-skimming’ is where a type of malware infects checkout pages online to steal payment and personal information of shoppers. The script cybercriminals use, essentially works like a card skimmer installed on a physical card terminal. By injecting the malicious script, hackers can steal payment information in real time during checkout. The information is then relayed over to a collection server run by the criminal.
Once the perpetrator has the cardholder’s data, they can use that information to make fraudulent purchases online. They can also bundle cardholders’ information and sell it on a black market to other fraudsters.
The breaches aren’t especially hard to stop once identified. However, they take a long time to detect because the hackers aren’t usually attacking the merchant directly. Instead, they usually attack the systems belonging to a third-party that works with the merchant.
This backdoor tactic lets the fraudster quietly steal data for months without being noticed; as a result, it takes an average of one year to identify a large data breach. Even if a merchant is up-to-date with PCI compliance standards and antifraud best practices, they can still be targeted.
According to Jerome Seguara, the director of threat intelligence at Malwarebytes – it’s also on the rise and becoming more common. He said that while it may not seem like a dramatic jump, ‘digital credit card skimming was already on the rise prior to COVID-19, and this trend will likely continue into the near future,”
The United States is bearing the brunt with 74% , of the card skimmer activity followed by Canada and Australia. Segura believes this is due to the more severe quarantine measures put in place. Italy and Spain do not even appear on the list, a fact Segura attributed to online shopping habits in those countries as opposed to the idea that criminals are simply not targeting those populations.
So how do we deal with this threat? In short, the best chance companies have of protecting their businesses is to be proactive in the response to this threat. This includes;
- Data encryption: Encrypted data is unreadable without the key, making it useless to hackers.
- Risk assessment: Regular scans for vulnerabilities can identify risk sources.
- Fraud indicators: Perform regular scans of all systems and identify signs of a potential breach.
How do you deal with these threats?
Unfortunately, there is no single tool or strategy that can be effective against all these threats alone. All companies need to have a broader, more comprehensive approach to cybersecurity if they hope to fight it successfully.
This includes leveraging multiple complementary tools, and implementing a multilayer approach to fraud prevention and risk mitigation is key.
For example, data encryption can help by limiting the scope of a data breach, but it can’t do anything about account takeover fraud or post-transactional threats like cyber shoplifting. Only by combining encryption with two-factor customer verification, geolocation and other tools can merchants really start to see true fraud protection.
But what if you’re the consumer? Or looking for online security while working from home that is easy to use and install? Well, firstly, you’ll need to make sure you check the sites you’re shopping from are safe and secure and run a site security check.
WOT protects you while you browse, warning you when you visit dangerous sites, or are in danger of scams, malware, phishing, rogue web stores, dangerous links, and more.
Reputation icons are displayed next to search results, social media, email, and other popular sites to help you make informed decisions online. For example WOT colors the web with colored donut like icons;
- Red indicates potential danger
- Yellow tells you to be careful
- Green means it’s a safe website
These let you know the safety rating of a site and enables a site security check on every single website.
Additionally, WOT is powered by a community of 140 million users who rate and review websites to make sure you know which ones are safe and which are not. You can check out the scorecard of a website to make sure you’re aware of where you’re shopping from and how safe a site is.
Make sure you stay safe not only by social distancing in public but by social distancing online with WOT during the pandemic by downloading WOT here.