Can you believe how many people are likely to work remote ‘till 2021? It’s been a heck of a year, team. And in what is now the longest working-from-home period in history, there’s also been a record spike in phishing and social engineering attacks. Our latest threat intel report (LSIR_0103) digs in deep.
The Tears & Fears
Here’s the deal: working remotely makes you and I more vulnerable to social engineering attacks. Why? Partly because the Internet connections we have at home aren’t as safe as those we normally use at work, and we are working with unfamiliar applications, VPNs and technology.
But the primary reason is that, working from home, our mindset at home is different. Home is where we let our guards down AND the place where we have more distractions. Kids running around. Dogs needing let out. Meals needing cooked and served. And that’s just a pre-COVID week.
Add to this the fact that we’re all scared about Pandemic spikes and getting cabin fever, and you get A LOT of people out of their comfort zones! All this makes it easier for us to fall victim to an attack.
How to Avoid Social Engineers
Cybercriminals are exploiting the situation to its full potential. Reports say social engineering attacks are on the rise via email, phone, SMS and social media. It is no exaggeration to say we’re increasingly being bombarded and our vigilance is being tested.
We told you a bit about social engineering tactics some time ago. Today we want to look at different ways you can avoid being scammed when working from home:
- Don’t click on or download anything unless you know for sure it comes from a verified sender. If unsure, contact the sender or your colleague from work and verify.
- Stay focused. Always question why you’re receiving new messages, especially unsolicited ones. Think before clicking on pop-up windows saying there is a security issue on your device or an update ready for you to download.
- Never disclose any personal information on phone or via email and remember it’s totally fine to say “no” if you feel uncomfortable with the questions you are being asked.
- Always lock your computer when you are not using it, even if you’re leaving it for just for a few minutes. You never know what your kids can accidentally click on when you are not looking.
- Keep your passwords different for all your devices and accounts. Change them regularly and don’t disclose them to anyone.
- Make sure you know your company’s cybersecurity policy and follow it. Always ask your IT department if in doubt.
- Install good antivirus software on all your devices and update it regularly. Use your company’s VPN if working with sensitive data.
- Instead of sending attachments via emails, use a shared file system accepted by your employer.
- Learn about Zoom-bombing and be careful when using apps for online meetings.
- Be extra cautious when you see a COVID-19 related message. Chances are it’s a phishing attempt!
- If you feel you’re getting too busy, slow down the pace of communication. We make more mistakes when in rush.
- Stay in touch with your colleagues! Speak to them and share your thoughts and experiences. It will make you less likely to fall for a scam.
- Get trained and refresh your knowledge about cybersecurity. More than half of all data breaches happen because of a human error. We can prevent it by taking the right kind of training which will make us more aware of online risks and threats.
Just as we learned to stay at home and social distance to reduce the spread of COVID-19, we now need to learn how to be safe online. The time of pandemic and working from home may be really tough. But let’s use it as an opportunity to learn something new and create habits that will stay with us for longer!
No More Tears or Fears about Social Engineers!