Recognizing and Combating Teleworking Threats Amidst COVID-19
In response to the COVID-19 pandemic, many businesses and organizations are transitioning to telecommuting or maintaining a limited number of in-office personnel. This can be a stressful time for IT teams, employees, and anyone who is used to working in a set environment and is now having to adjust to working from home. During these times, networks can be especially vulnerable to cyber-attacks, as many employees will be logging in remotely or relying on cloud-based applications to remain connected to their teams and customers. Another threat stems from attackers taking advantage of people in these frightening and desperate times by preying on their fears or trying to scam them by using the stimulus checks provided by the government as leverage. We covered some basic tips on how to protect yourself or your business in our last article, but we wanted to go more in depth with this follow-up to help businesses and their employees recognize and combat the threats that are arising during the COVID-19 driven teleworking movement.
There are several ways that businesses can make sure their employees are taking precautions, including: securing employee access from home with VPNs, educating employees on how to spot phishing emails, instructing employees on how to safely use public Wi-Fi, and implementing two-factor authentication for cloud applications.
Secure Employee Access from Home with VPN
When working remotely, employees are often advised or required by their employers to use a VPN, or virtual private network. Connecting to a VPN gives the employee access to the corporate network, including applications such as email, intranets, and corporate tools, through a secure tunnel across the Internet. VPN tunnels can also provide protection against malware, viruses, and other malicious activity by applying the same firewall policies that protect the corporate network. Many small to medium-sized businesses worry that they can’t afford to implement safeguards for their network such as VPN, but securing your network doesn’t always have to be expensive.
Tools like Mission Multiplier’s SATURN-i solution allow businesses to secure employee access while teleworking with VPN, while still being affordable and cost effective for small to medium-sized businesses.
Educate Employees on How to Spot Phishing Emails and Malicious Attachments
Unfortunately, cyber criminals are taking advantage of the COVID-19 pandemic and are using email messages disguised as COVID-19 news updates in order to gain unauthorized access to corporate networks. During this time, it’s crucial that employees remain vigilant and know how to spot phishing attempts. A phishing attack is a form of social engineering in which cyber criminals attempt to trick individuals by creating and sending fake emails that appear to be from an authentic source, such as a business, colleague, or even a news outlet. The email might ask you to confirm personal account information such as a password or prompt you to open a malicious attachment that infects your computer with a virus or malware. Some identifiers of phishing emails are:
- Incorrect Domain Names in Email Addresses: Attackers often use a nondescript email domain, something common enough that it could be associated with an organization. Attackers also create domains that are similar to an actual company’s domain in order to pose as that organization. Attackers also often misspell the name of a domain, but do it in a way that looks similar to the actual domain name, such as by replacing “m” with “rn” or similar techniques.
  - Ex: “Manager@Arnazon.com” instead of “Manager@Amazon.com”
  - It’s important to train employees to not only check the name of the person sending the email, but also to check their full email address by hovering the cursor over the ‘from’ address.
- Emails from Coworkers/Executives that Seem Unusual: Attackers often use a technique called spoofing, which involves changing their sending display name to be that of an executive or another employee within the targeted organization. If an employee receives an email that appears to be from a coworker or an executive and that asks them to verify sensitive information, asks them to send money, or just sounds unusual and out of character, have them click on the sender’s information to verify that it’s coming from the person that they’re claiming to be.
  - Ex: An attacker will register a free email account and use that email address to contact employees of an organization. Sometimes the email addresses contain the name of the executive that they are trying to spoof, and sometimes the addresses are nondescript. The attacker would then set their display name to match an organization’s CEO or other executive, and then send the phishing messages into the organization. The hope is that the recipient won’t look at the sending address, and instead just look at the sending display name. Some recipients may even assume that the sending email is the personal email of the executive and believe it to be real.
- Emails That Ask You to Confirm Personal Information: It’s important for employees to keep an eye out for emails requesting that they confirm personal information that they wouldn’t usually provide, such as banking details or login credentials. It’s crucial to train employees to immediately report and not reply to an email that they think may be a phishing attempt, and to not click any links without first hovering over them and verifying that they are being directed to a secure site.
- Emails That Have an Extreme Sense of Urgency: If an email has an extreme sense of urgency, then it’s likely a phishing attempt. Attackers will email individuals and say that they need their login credentials right away or that they need funds to be transferred immediately, and this is a huge red flag. If someone within an organization needed pressing information immediately, they would call or stop by to talk about the matter. Employers need to train employees to spot and report these unusual, and often urgent, requests for information and/or money.
- Poorly Written Emails: Representatives from legitimate companies more than likely know how to spell, so if an email is full of typos or grammatical errors, then it could be a phishing attempt. Correspondence from a legitimate organization should be well written and shouldn’t ask you to verify or provide information. Sometimes there’s actually a purpose behind the bad grammar and sentence structure, because hackers prey on uneducated or untrained individuals, believing them to be less observant and, thus, easier targets.
These identifiers, and more, can help businesses and individuals spot phishing attempts that contain harmful attachments or request sensitive information. With businesses transitioning to working from home, many employees will need additional support and/or training to do this without opening the corporate network up to vulnerabilities.
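The first two identifiers above (look-alike sender domains and executive display names on outside addresses) can also be checked automatically. The following is an added example, not part of the original article or of any Mission Multiplier product; the trusted-domain list, the executive name "Jane Doe", and the domains example.com and freemail.test are constructed assumptions.

```python
from email.utils import parseaddr

# Constructed policy data for the example (assumptions, not from the article).
TRUSTED_DOMAINS = {"amazon.com", "example.com"}
EXECUTIVES = {"jane doe": "example.com"}  # display name -> domain it must come from

# Character runs that read like another letter at a glance ("rn" looks like "m").
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]


def skeleton(domain: str) -> str:
    """Collapse look-alike character runs so visually similar domains compare equal."""
    domain = domain.lower()
    for fake, real in CONFUSABLES:
        domain = domain.replace(fake, real)
    return domain


def check_from(header: str) -> list[str]:
    """Return findings for one From: header value; an empty list means no flag."""
    name, addr = parseaddr(header)
    domain = addr.rpartition("@")[2].lower()
    findings = []
    # Identifier 1: domain is not trusted but reads like one that is.
    if domain not in TRUSTED_DOMAINS:
        for trusted in sorted(TRUSTED_DOMAINS):
            if skeleton(domain) == skeleton(trusted):
                findings.append(f"lookalike-domain:{trusted}")
    # Identifier 2: display name of an executive on an address outside the org.
    expected = EXECUTIVES.get(" ".join(name.lower().split()))
    if expected and domain != expected:
        findings.append(f"display-name-mismatch:{domain}")
    return findings


# Constructed sample headers; the first two are the article's own example pair.
SAMPLES = [
    "Manager <Manager@Arnazon.com>",
    "Manager <Manager@Amazon.com>",
    "Jane Doe <jane.doe.ceo@freemail.test>",
    "Jane Doe <jane.doe@example.com>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{header!r:45} -> {check_from(header) or 'ok'}")
```

A check like this only covers the visible From: header; it complements, rather than replaces, the employee habit of inspecting the full sender address.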
Mission Multiplier’s SATURN-i provides affordable, comprehensive email security by scanning emails and leveraging phishing protection protocols in order to safeguard information and stop phishing emails from ever getting through.
Instruct Employees on How to Use Public Wi-Fi Safely
Working remotely doesn’t always mean working from home; sometimes it can mean working in libraries or cafes because they offer free public Wi-Fi for patrons. These hotspots can be great for those with limited access at home, but employees who take advantage of any public Wi-Fi should have endpoint security enabled on each connected device. Although this particular tip probably won’t come into play with so many public locations temporarily shut down due to COVID-19, ensuring that employees are using Wi-Fi safely is still a recommended best practice.
Implement Two-Factor Authentication for Cloud Applications
While working from remote locations, it’s more important than ever to stay connected with team members in order to stay on track. To help communication applications such as Slack, Google Hangouts, and Microsoft Teams run efficiently and remain secure, activate two-factor authentication for extra protection. Two-factor authentication uses either SMS text messaging or other verifiable sources like email to ensure that access to an account from a new location or IP address is authorized and secure.
In order to comply with state and federal regulations and to help slow the spread of COVID-19, many businesses have had to transition to teleworking or having limited staff in the office. In order to make this transition a successful one, businesses must make sure to properly train their employees and put measures into effect to safeguard their businesses during this time. It’s more important now than ever to emphasize both personal safety and network security in order to combat the cyber criminals that are using the COVID-19 pandemic as a means for attacking and scamming individuals and businesses across the country and the world.
We want you all to know that Mission Multiplier is still here to support our customers, partners, and employees. We’re working to ensure the safety and security of our team, our clients, and our clients’ respective missions. If we can help your business in any way during this pandemic, or if you would like to learn more about our tools and services, please do not hesitate to reach out. Please continue to stay safe and healthy.