BankFax.Today

Work From Home Results in Cyber-Fraud Epidemic

Around the world, the number of scams associated with the COVID-19 crisis has increased. There are organized crime groups and cyber criminals taking advantage of the pandemic to send infected documents through suspicious links that reach potential victims.

The increase in teleworking, accompanied by a constant flow of information associated with the epidemic, has opened an opportunity for scammers to target companies and their workforce to commit fraud.

There are significant challenges for some sectors, such as financial services, pharmaceuticals, life sciences, and telecommunications.

However, the following risks are shared by various industries, which have been enhanced by problems associated with business continuity and operational changes by the global pandemic. 

According to an online study carried out in March, 68% of the employees interviewed had stated that they were working from home.

Unfortunately, only 24% of these were using a company computer.

This data appeared particularly alarming for Capterra analysts, as the replacement of a company computer with a personal one (mostly if done in a moment of crisis and without prior preparation) poses a series of problems in managing the security of corporate data.

Recently, it is not apparent that the employee’s devices have the same degree of protection as a company computer. 

To this exceptional and unplanned risk factor, others, however present and more ordinary, can be added, which may relate to bad management of passwords (corporate and personal), a lack of data transit on the company server with VPN use of repositories for unsafe documents.

 Five hundred eighty-four people from small and medium-sized companies responded in the survey. It emerged that:

Different type of cyber-fraud epidemic:

Phishing 

Imposters aim to reach their victims through emails with malicious attachments, links, or redirects to “updates” on COVID-19. Once opened, these links infect the computer or mobile device from which they were opened with malicious programs (malware) or expose sensitive personal data transmitted to the cyber criminal.

Phishing remains the preferred method of cyber crime. According to the 2019 Phishing and Fraud Report, carried out by the F5 Networks research center, in the United States, phishing represents 21% of attackers’ methods because it is easy and it works.

Attackers don’t have to worry about hacking into a firewall, finding a zero-day exploit, cracking encryption; the most challenging part is slipping a good trick into the email to get people to click and create a fake site to land on. 

Sites web fraud related to COVID-19

Multiple Internet domains that have been registered with the name “COVID” appear to be authentic and created by recognized organizations; however, they contain malware designed to infect computers or other mobile devices.

Risks related to business email

Using emails disguised as COVID-19 updates, scammers try to trick company employees into giving up their credentials, and then request that they log into a fake portal “COVID-19” the organization.

Once the person logs in with their credentials, the fraudster gains unlimited access to business accounts and the company network.

Ransomware attacks

In this attack, the first thing scammers do is compromise the security of critical servers and connected terminals and then encrypt them.

The attack locks the operating system and end-user files, making them inaccessible until a ransom is paid to the attacker, who often demands payment in bitcoins.

As remote access to computers becomes the norm for “working at home” due to confinement measures, an increase in these attacks is expected to paralyze organizations’ Information Technology (IT) infrastructure until the criminals manage to collect the corresponding ransoms.

Other Mobile App Scams:

Fraudsters are developing or manipulating mobile phone apps that appear to track the spread of COVID-19. However, once installed, the application infects the user’s device with malware that can be used to obtain personal information, confidential data, or bank card or account details.

Other scams:

Some other scam mechanisms used by organized crime include:

a.To request for donations for non-existent entities that appear to be helping individuals or communities affected by the virus, or contributing to the development of vaccines.

b. The request for investments in companies that would be developing services or products to prevent, detect, or cure the virus.

There are many ways that companies can reduce the chance that their workforce will fall victim to COVID-19 scammers.

The most crucial point that should be applied to reduce the level of vulnerability will be to raise awareness about how criminals try to take advantage of this global health crisis, providing them with valuable information that allows them to make the best decisions when facing a threat and thus be the first barrier that protects the security of the organization.

How to avoid being misled by fraud while working from home or merely being distracted by current events

Cyber criminals are taking advantage of the pandemic to rob corporates, governments and people, especially during fast-paced and uncertain events such as the pandemic, criminals count on distractions.

They are taking advantage of it to sneak into a scam, whether it’s leveraging the increased volume of online shopping, the increased use of online education and ‘meeting’ software, or the increased need for pandemic information and critical infrastructure, attackers may be seeing results.

In this regard, F5 shared information about the largest number of organized online fraud schemes as a result of COVID-19, and the security measures that an organization can take to avoid falling into the clutches of phishing so quickly:

Exit mobile version