It’s the perfect recipe for phishing attacks: an influx of remote workers operating in less secure environments while feeling uncertainty about the coronavirus pandemic.
Cybercriminals are taking advantage of the current situation. Even as lockdowns are lifted, many organizations are still embracing some degree of remote work as a way to maintain social distancing. Unfortunately, this creates the perfect recipe for phishing attacks: an influx of remote workers operating in less secure environments while feeling uncertainty about the coronavirus pandemic. Cybercriminals are able to add credibility to their scams with the mention of the national headline, and for many remote workers, cybersecurity isn’t top of mind.
The FBI released an alert regarding the current state of coronavirus-related threats:
“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information or both. Don’t let them. Protect yourself and do your research before clicking on links purporting to provide information on the virus…” They also warned people to “look out for phishing emails asking you to verify your personal information in order to receive an economic stimulus check from the government,”
What type of threats are running rampant right now?
There are two main threats that pose a huge risk to remote workers around the world:
- Phony domains containing malicious software. They typically offer information on the pandemic, cloud/remote access tools, financial assistance for those impacted, and more.
- Phishing emails aiming to trick the victim into clicking a link or downloading a file that contains malware. They typically offer the same type of content as phony domains.
Essentially, the goal is to leverage the major headline for the purpose of tricking unsuspecting users into downloading malware.
What should managed services businesses be doing to assist their clients with cybersecurity while working from home?
Now more than ever before, MSPs need to focus heavily on cybersecurity for remote workers. This means incorporating the right tools:
- Secure cloud-based applications
- Virtual private networks
- Anti-virus software
- Firewalls
But more than that, it’s all about end user education. MSPs must incorporate end user security awareness training into their offerings for organizations embracing remote work. Unfortunately, many remote workers simply don’t have the protection of a secure office network right now. For MSPs that don’t currently offer end user security awareness training, now is the time to start.
A good end user security awareness training program will incorporate the following key topics:
- Phishing and social engineering
- Safe online habits
- Technology policies
- Mobile device security
- Access and passwords
Need help finding an end user security awareness training program? Looking for secure cloud applications for remote workers? Get in touch. I will be more than happy to discuss our offering with you. Call (866) 883-8836 or email us at info@cloudservicesformsps.com.
