Why Work From Home Is A Field Day For Cyber-Crime
These are certainly strange times, and strange times demand that we get accustomed to new circumstances very quickly. For more than a few Americans, that means working from home for the first time in our lives.
You’re going to find that there are plenty of upsides to working from home. You get to make your own hours, work in comfortable clothes, prepare your own lunches. But there are a lot of new risks that need to be managed, as well, and that goes double in times like these. Literally double, as NASA has just reported twice as many cyber-attacks as they were seeing before they sent staff to work from home, along with an exponential increase in malware attacks targeting NASA systems. If NASA is having to devote their resources to stopping malicious downloads, what does that say for the rest of us?
A lot of people are working from home for the very first time right now, and cyber-criminals are well aware of the fact that these first-timers might not know what to look out for. Put bluntly: This is a boom period for hackers. They’ve always thrived on times of crisis, and this one is tailor-made for them.
Here’s What You Need To Know
The first thing that everyone should understand about cyber-criminals: They’re opportunists. The movies show us hackers working to crack big banks and government facilities. That happens, but it makes up a fraction of their attacks. A typical cyber-criminal practices a crime-of-opportunity approach to their work.
Just like the burglar looking for piles of newspapers on front steps, scammers and hackers are just looking for vulnerability. They’re not targeting you, specifically, they’re just casting a net and seeing what they catch. That means that staying safe is mostly just a matter of basic cyber-security literacy. If you use strong passwords, if you know what a scam looks like when you see it, if you know not to go downloading any old link you get sent via email, you’re already more than halfway there.
It’s Not Always Hacking
“Hacking” conjures up the image of a guy sitting in front of a computer, probably with green text on a black background, typing through lines and lines of code to crack into a secured system. In reality, a lot of cyber-criminals don’t know a single line of programming code.
A lot of cyber-crime comes down to “social engineering.” These are people who don’t need to know a lot about computers to run their online scams, because they know human behavior. Basically con-artists, but using connected devices instead of a three-card monte table.
A few of the most common approaches listed by the FBI include the following:
- Phishing. Phishing typically involves getting you to input your information on a website or via email so that scammers can put that info to use. We know all the obvious ones, but phishers are getting more sophisticated every day, and you’ll want to train to recognize phishing attempts.
- Pretexting. “You have a distant uncle who left you his entire estate!” Who wouldn’t want to click on that? Pretexting involves enticing lures, “if you’ll just go ahead and give us your bank info.”
- Contact spamming. A scammer only needs one email address. Then they can send a malicious link to every single one of that person’s contacts, and since it’s coming from a trusted source…
- Quid pro quo. “Hey I’m with your company’s IT team, I just need your login so I can help you get this new software update.” Quid pro quo refers to scammers who will ask for your info in order to “help you out real quick.” From there they may access sensitive data or simply hold the system hostage.
When you work from home, you may be especially at risk to these attempts. These are economically uncertain times. When you get an email that looks like it came from your team lead saying he just needs you to “look this document over before we send it out,” or an offer for some gig work that’s “right up your alley,” there are plenty of good reasons why you would want to download that file or click on that link right away.
A scammer’s favorite target is someone who lacks basic cybersecurity literacy. Failing that, they’ll take someone who knows a little bit about spotting scammers, but who may be experiencing a momentary lapse in caution, owing to the anxieties we’re all going through right now, and might be tricked into clicking on malicious links.
Keep Your Guard Up
With so many of us working from home, scammers are working overtime, and we need to be extra cautious about internet security.
Remember, if you’re connected, you’re vulnerable. So check out our free cybersecurity training videos, and keep your guard up.