Hacking Attempts Double on Teleworkers

Tuesday, April 28, 2020

Reuters reported that hacking activity against corporations in the United States and other countries more than doubled by some measures in March. As teleworking increased due to the COVID-19 pandemic response, cyberattacks against organizations’ data that is being accessed from less secure environments and connections increased. Organizations have a harder time protecting their data when it is dispersed on home computers with widely varying configurations and on company machines that are connecting remotely from less secure locations.

Software and security company VMWare Carbon Black also said that ransomware attacks it monitored jumped 148% in March from the previous month. Using data from U.S.-based Team Cymru, researchers at Finland’s Arctic Security found that the number of networks experiencing malicious activity was more than double in March in the United States and many European countries compared with January, soon after the virus was first reported in China.

Rob Lefferts, a cybersecurity executive with Microsoft, said, “The volume of successful attacks is correlated with the volume of [COVID-19] virus impact.” He added that many malicious actors seemed to be piggybacking on confusion and anxiety to trick users into parting with their credentials. These cyberattacks are more successful because people are more afraid and more likely to respond to malicious attempts. Changes to networks where organizations are scrambling to respond to work-from-home situations may also be making life easier for attackers.

With the increased risk of attacks on teleworkers amid an already challenging and stressful situation, it is more important than ever to STOP. THINK. CONNECT. Phishing is still the No. 1 way of attack for cyber criminals. Remember the following tips to help you not become part of these unfortunate statistics.

  • Unsolicited emails or texts. A phishing attempt is most often from something or someone you were not expecting.
  • Suspicious sender’s address. Pay attention to the sender’s email address or phone number.
  • Generic greetings and signatures.
  • Spoofed hyperlinks. Hover your cursor over any links in the body of an email, as the link might be spoofed. Use a known good URL if you must connect to a site.
  • Offers too good to be true. If it appears to be too good to be true, then it probably is.
  • Spelling and layout. Poor grammar and sentence structure, misspellings and inconsistent formatting are tell-tale signs of a phishing attempt.
  • Suspicious and/or unsolicited attachments.
  • A sense of urgency. Cybercriminals often use a false sense of urgency or importance to help persuade a person to download or open an attachment.
  • Sensational topics. Cybercriminals will use current or sensational events to lure people to respond, such as clicking a link, downloading an attachment or replying to a message. Resist this temptation.

For more online safety tips, visit the following resource: https://it.nc.gov/resources/cybersecurity-risk-management/cybersecurity-awareness/online-safety-tips