The COVID-19 lockdown is forcing millions of employees to work from home. As they scramble to set up their home offices and establish connections to their companies’ networks, IT security gaps are inevitably created or exacerbated. This is giving hackers opportunities to infiltrate their employers’ servers and steal business-critical information.
In addition, malicious actors are exploiting people’s fears and psychology during this uncertain time. Many are using phishing scams that trick victims into giving up their personal information or login credentials. Others are sending out links that download malware, allowing hackers to infiltrate networks and servers.
HR and IT departments need to work in tandem to set up protocols and training to keep employee and employer data secure. Here are some cyber threats that remote workers should look out for:
Hackers have created fake websites that show maps and statistics about the spread of the coronavirus. They’re spreading these malicious sites disguised as reliable COVID-19 resources.
These cybercriminals often start by circulating links to those fake sites on social media or through misleading emails. When people click on the links and visit the sites, malware is downloaded to the visitors’ computers and used to perform malicious acts.
Criminals are also using phishing scams that capitalize on people’s fear of and confusion around COVID-19. They pose as authorities (e.g., the Centers for Disease Control and Prevention or the World Health Organization) in emails to trick recipients into downloading malware or giving up their login credentials.
For example, a scam is spreading false claims that the virus has spread to the email recipients’ cities and prompts them to enter their email passwords to get more information. Another scam takes the same approach and sends victims to a fake Microsoft Outlook portal to harvest credentials.
Meanwhile, some hackers are directing people to a fake version of the World Health Organization website that prompts visitors to enter their email passwords to see “safety measures” on COVID-19.
Malicious actors are targeting people who are working from home because their devices are connected to corporate networks that store highly valuable data.
Some remote employees are forced to use old computers that don’t have the latest security patches installed. Meanwhile, many are distracted by having to balance home and work lives while coping with the stress of isolation. The distraction is making employees more susceptible to hackers’ tricks.
Also, as employees work from home and rely on email for communication, hackers are impersonating senior staff members to trick workers into sending money to them. Meanwhile, senior executives are discussing confidential issues and exchanging sensitive data online, making them prime target for cyberattacks.
Organizations need to take the necessary precautions to protect their employees and systems from cyber threats so they don’t fall victim to costly data breaches. Here’s how:
By implementing the proper security best practices and supporting remote employees to implement IT security guidelines, HR can minimize the risk of cyber threats due to the recent surge of remote work and protect your organization from costly data breaches.
Matt Shealy, Talent Management & HR